From owner-freebsd-questions Mon Dec 13 18:55: 6 1999 Delivered-To: freebsd-questions@freebsd.org Received: from server.baldwin.cx (jobaldwi.campus.vt.edu [198.82.67.146]) by hub.freebsd.org (Postfix) with ESMTP id A73D315190 for ; Mon, 13 Dec 1999 18:55:00 -0800 (PST) (envelope-from jhb@FreeBSD.org) Received: from john.baldwin.cx (john [10.0.0.2]) by server.baldwin.cx (8.9.3/8.9.3) with ESMTP id VAA39913; Mon, 13 Dec 1999 21:54:25 -0500 (EST) (envelope-from jhb@FreeBSD.org) Message-Id: <199912140254.VAA39913@server.baldwin.cx> X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Mon, 13 Dec 1999 21:54:25 -0500 (EST) From: John Baldwin To: Jaime Kikpole Subject: Re: Merging 2 servers? Cc: freebsd-questions@FreeBSD.org Cc: freebsd-questions@FreeBSD.org, Jeroen Ruigrok van der Werven , Alfred Perlstein Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 13-Dec-99 Jaime Kikpole wrote: >> Then again having them all on one machine helps because students >> and teachers could be put in class groups to allow them access >> to common areas. > > This was one of the reasons that I began to consider the merge. We > have two compies of a web-based password changing program, two copies of > TWIG (web email program), two copies of the email address lookup CGI that > I wrote, and so on. Yes, but they are the same program, so it's just a simple cp/ftp/rcp/scp operation. I'd say the redundancy is worth it. >> Perhaps keeping the split, but making sure that teachers have logins >> on the student machine would be the most flexible, you can probably >> use NIS to keep the passwords and account information sync'd >> for the teacher accounts. > > Is it possible to use NIS to sync only part of the password > database? Is it possible to use NIS to sync usernames, passwords, and > home directories (which would be shared via NFS) and then change the shell > depending on the server? Specifically, I'm thinking of using > /usr/bin/false for their shells on one server and then adding a > "programming server" which allowed them to use bash, zsh, tcsh, etc. so > that they can test out programs without being able to crack at the server > quite so easily. Yes. +@admins:::::: +:NoLogin::::: Those two entries from a server I admin allow all of the information for administrators, but changes the encrypted password of everyone else to 'NoLogin', effectively blocking logins. I couldn't change the shell because sendmail runs on this server and needs valid shells to be able to run procmail in .forward's. > Thanks for the pointers so far! > > Jaime Good luck. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message