[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: User management
|
From: |
Matthew Palmer |
|
Subject: |
Re: User management |
|
Date: |
Wed, 28 Sep 2005 12:06:15 +1000 |
|
User-agent: |
Mutt/1.5.6+20040907i |
On Tue, Sep 27, 2005 at 04:21:06PM -0700, Martin, Jason H wrote:
> Are you sure you want to do this with CFEngine instead of via something
> like LDAP?
Not entirely sure, but I'm pretty confident. In particular, the use case
where LDAP doesn't work for me is in very distributed circumstances, where
there's the odd machine scattered here and there, and the times when I'll
have to log into it are when it is probably a bit thin on network
connectivity. In that instance, I'd have to locally replicate the LDAP tree
onto the machine, which would Suck Very Hard(tm).
> An editfiles block for /etc/passwd and /etc/shadow would probably work.
I'd considered that, but got caught on the problems of UID/GID allocation
(which I could work around with local admin blocks, it is true) and home
directory creation, which I'd also have to manage in cfengine in a separate
bit of hoohah. It's a definite possibility, though, and I might take
another look at it to see if it really is as icky as I initially thought.
Thanks for your input,
- Matt