Difference between revisions of "Centralized Authentication Proposal"
(→OpenLDAP/389 Directory) |
|||
| Line 26: | Line 26: | ||
====OpenLDAP/389 Directory==== | ====OpenLDAP/389 Directory==== | ||
| − | + | * LDAP is an industry standard | |
| + | * Extensible | ||
| + | * Fine Grained | ||
====Kerberos/Heimdall==== | ====Kerberos/Heimdall==== | ||
====Other==== | ====Other==== | ||
Revision as of 11:48, 24 April 2012
While implementing the BCFG2 configuration management system on the build farm, the prospect of having a passwd, shadow and group file controlled by the utility was brought up several times. While this is one method of managing a consistent set of users and groups across the build farm, I feel that there is other software available that would be better suited for this task.
Contents
Arguments For
- More easily managed users
- consistent home directories over NFS
- SSH keys always there
- Test builds stored on network drive/doesn't take up space on builders
- More modern approach to user management
- Less inconsistencies throughout builders
Arguments Against
- Additonal services running on Honkgong
- Increased network traffic
- additonal point of failure
Means and methods
NIS/NIS+
- Pros
- Quick and easy
- Cons
OpenLDAP/389 Directory
- LDAP is an industry standard
- Extensible
- Fine Grained
