Date: Wed, 10 Apr 2002 01:02:44 +1000 (Australia/ACT) From: Darren Reed <avalon@coombs.anu.edu.au> To: marquis@roble.com (Roger Marquis) Cc: security@FreeBSD.ORG Subject: Re: Centralized authentication Message-ID: <200204091502.BAA10372@caligula.anu.edu.au> In-Reply-To: <20020409073815.Q26460-100000@roble.com> from "Roger Marquis" at Apr 09, 2002 07:52:38 AM
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Roger Marquis, sie said: > > Samuel Chow wrote: > > How about NIS? I use it at home with a total > > of two machines and one users. > > I've used NIS with over 30,000 users, and adminitered 2 domains > with over 2,500 users and experienced near zero problems. NIS+ > may be a bit more difficult given it's Kerberos roots but it is > being used successfully in shops with hundreds of NIS+ accounts > and hosts. Adminning Sun NIS servers and clients is neither > difficult nor complicated even with NFS and automount. Not sure > if the same is true for FreeBSD servers however. Where I work, we have experience with a production NIS+ database of double the size you have for NIS. After many requests to Sun, we're given the impression that they know of nobody else using NIS+ to such a large scale (even to the 1000s or 10,0000s). NIS+ is secure, if you don't have to do NIS, but you must get all your procedures *correct*, especially when changing passwords, or you are "fucked". Darren p.s. sorry for the french, but I believe that sums it up perfectly. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204091502.BAA10372>