MS2LINUX - Authentication basics
Scott H
plug-discuss@lists.plug.phoenix.az.us
Wed, 9 Oct 2002 21:25:10 -0700 (PDT)
> From: David Mandala <davidm@them.com>:
> Oh, you actually don't have to maintain the
> accounts on the server it's
> just recommended to since you would be
> completely locked out in the
> event of a network failure or if the main
> authentication box failed.
Let me see if I understand this right (pardon me
if I'm dense on this, I'm a recovering MS Admin
:) In this setup, you keep user accounts both on
a NIS server and on the local machines? And
these match? NT/W2K does something similar to
this: NT4 and W2K boxes cache user credentials on
the local machine after any successful domain
login. A user on our network ALWAYS
authenticates to the domain, not to the local
machine (except for certain troubleshooting, of
course), so if a Domain Controller is
unavailable, the user can still log on to their
machine, with the cached domain credentials.
> David Mandala:
> Bill I am bit confused would you please be
> more explicit? Both on the
> NIS "1/2" of your passwd/shadow/group files
> and on the Linux not
> maintaining the authentication.
> Bill Warner:
> basically you can maintain system accounts on
> the box like root and bin
> but have the users on the nis server. There
> is a code i think it was ++
> that up put after the last system account on
> the box that was the key to
> say pull the rest of the passwd file form the
> nis server.
Bill, in this setup, then, the user wouldn't be
able to log in with a regular user account if the
NIS server was unavailable... right?
.
__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com