Difference between revisions of "Centralized Authentication Proposal"
| Line 2: | Line 2: | ||
| − | + | ===Arguments For=== | |
* More easily managed users | * More easily managed users | ||
* consistent home directories over NFS | * consistent home directories over NFS | ||
| Line 10: | Line 10: | ||
* Less inconsistencies throughout builders | * Less inconsistencies throughout builders | ||
| − | + | ===Arguments Against=== | |
* Additonal services running on Honkgong | * Additonal services running on Honkgong | ||
* Increased network traffic | * Increased network traffic | ||
| Line 16: | Line 16: | ||
| − | + | ===Means and methods=== | |
| − | + | ====NIS/NIS+==== | |
* Pros | * Pros | ||
** Quick and easy | ** Quick and easy | ||
| Line 25: | Line 25: | ||
** | ** | ||
| − | + | ====OpenLDAP/389 Directory==== | |
- Standard | - Standard | ||
| − | + | ====Kerberos/Heimdall==== | |
| − | + | ====Other==== | |
Revision as of 16:03, 23 April 2012
While implementing the BCFG2 configuration management system on the build farm, the prospect of having a passwd, shadow and group file controlled by the utility was brought up several times. While this is one method of managing a consistent set of users and groups across the build farm, I feel that there is other software available that would be better suited for this task.
Contents
Arguments For
- More easily managed users
- consistent home directories over NFS
- SSH keys always there
- Test builds stored on network drive/doesn't take up space on builders
- More modern approach to user management
- Less inconsistencies throughout builders
Arguments Against
- Additonal services running on Honkgong
- Increased network traffic
- additonal point of failure
Means and methods
NIS/NIS+
- Pros
- Quick and easy
- Cons
OpenLDAP/389 Directory
- Standard
