From owner-freebsd-questions@FreeBSD.ORG Tue Jan 13 06:21:36 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CB940106566B for ; Tue, 13 Jan 2009 06:21:36 +0000 (UTC) (envelope-from bill@mi.celestial.com) Received: from dorsai-02.celestial.com (dorsai-02.celestial.com [192.136.111.19]) by mx1.freebsd.org (Postfix) with ESMTP id 9611E8FC13 for ; Tue, 13 Jan 2009 06:21:36 +0000 (UTC) (envelope-from bill@mi.celestial.com) Received: from localhost (localhost.localdomain [127.0.0.1]) by dorsai-02.celestial.com (Postfix) with ESMTP id AE44C20449A3 for ; Mon, 12 Jan 2009 22:21:35 -0800 (PST) X-Virus-Scanned: amavisd-new at celestial.com Received: from dorsai-02.celestial.com ([127.0.0.1]) by localhost (dorsai-02.celestial.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id eee3BsXByhh0 for ; Mon, 12 Jan 2009 22:21:35 -0800 (PST) Received: from ayn.mi.celestial.com (hayek.celestial.com [192.136.111.12]) by dorsai-02.celestial.com (Postfix) with ESMTP id 8525C20242D5 for ; Mon, 12 Jan 2009 22:21:35 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by ayn.mi.celestial.com (Postfix) with ESMTP id 582F968D483E5; Mon, 12 Jan 2009 22:21:35 -0800 (PST) X-Virus-Scanned: amavisd-new at mi.celestial.com Received: from ayn.mi.celestial.com ([127.0.0.1]) by localhost (ayn.mi.celestial.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id NfpqMFxLmYr0; Mon, 12 Jan 2009 22:21:35 -0800 (PST) Received: by ayn.mi.celestial.com (Postfix, from userid 203) id 2FEFD68614781; Mon, 12 Jan 2009 22:21:35 -0800 (PST) Date: Mon, 12 Jan 2009 22:21:35 -0800 From: Bill Campbell To: freebsd-questions@freebsd.org Message-ID: <20090113062135.GA11790@ayn.mi.celestial.com> Mail-Followup-To: freebsd-questions@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 OpenPKG/% (2008-05-17) Subject: Re: NFS or an alternative? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd@celestial.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jan 2009 06:21:37 -0000 On Mon, Jan 12, 2009, Jay Hall wrote: > I am in the process of redesigning my organization's network. And, > since we will be using mostly Macintosh OS X clients, I am considering > using NFS. However, I will need the ability to perform user/group > authentication since users may not always log in from the same PC. > > Essentially, each user has a home directory which only they, and > possibly their secretary, needs to have access to. And, we have > directories which groups of people need access to. > > From the reading I have done this evening, my understanding is NFSv4 > will meet all of these needs. Is this correct? And, is there a better > way to accomplish this? NFS is only part of the problem. We have done this using OS X, Linux, and FreeBSD clients using openldap for authentication and the amd automounter to handle home directories when there are multiple machines on which user's home directories may be found. When we create the openldap records, we map /home/username to /homes/username to avoid conflict with client machine's local user's directories. We have one system with about 10,000 users with multiple client machines handling mail delivery, pop, and imap to user's Maildir stores with the NFS mounted $HOME directories which has been working without a hitch for several years. In this case the main systems /home directory is NFS mounted to /homes on the client machine, specifying the tcp protocol for maximum reliability. Bill -- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax: (206) 232-9186 Permit me to issue and control the money of a nation, and I care not who makes its laws. -- Mayer Amschel Rothschild