LDAP, NIS or ... ?


Postby Rob_T » Jul 22nd, '13, 23:06

It looks like I'll be doing a clean install of Mageia-3, so I need to decide what to use for network administration.

I need centralized management of user-names, passwords and auto-mounter maps. I currently have LDAP configured & running under Mageia-2 - it works but it isn't really well integrated into the rest of Mageia. I used NIS in the past but made the switch about 5 years ago (due to concerns about NIS security, and at that time LDAP was being touted as "The Future", so I expected support to improve more than it actually did).

The application is a home network server. It's behind a firewall but several ports are forwarded from the outside world so security is some concern (but not to the extent that it would be in a commercial environment).

Which would you pick today: NIS, LDAP or something different? And why?
Rob_T
 
Posts: 13
Joined: Nov 13th, '11, 08:25

Re: LDAP, NIS or ... ?

Postby doktor5000 » Jul 23rd, '13, 21:23

Well, NIS and LDAP are not encrypted by default, so both are insecure.
NIS+ may be an option, but I don't know about Linux support for that. LDAP is more complex but also more versatile.
If you only need users/passwords, Kerberos may be an option.
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
doktor5000
 
Posts: 18018
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: LDAP, NIS or ... ?

Postby Rob_T » Jul 24th, '13, 22:23

For the record, I decided to stay with LDAP as it's what I've used most recently. I have it set up with certificates, so I think that means the network traffic is encrypted, doesn't it?
Rob_T
 
Posts: 13
Joined: Nov 13th, '11, 08:25
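
Added example (not part of the original thread): having certificates configured does not by itself mean the client encrypts its LDAP traffic, because that depends on the URI scheme and TLS options the client actually uses. This Python check audits a client config, assuming the nslcd (nss-pam-ldapd) `nslcd.conf` format, which the thread does not specify; the sample configs, host name and CA path are constructed.

```python
# Added example: audit an nslcd.conf-style LDAP client config for cleartext use.
# Assumption: the client is nslcd (nss-pam-ldapd); the thread does not name one.

def parse(text):
    """Return {option: [values]}; lines starting with '#' are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        opts.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return opts

def audit(text):
    """Return a list of findings; an empty list means TLS is used and verified."""
    opts = parse(text)
    ssl = (opts.get("ssl") or ["off"])[-1].lower()            # on | off | start_tls
    reqcert = (opts.get("tls_reqcert") or [""])[-1].lower()   # never|allow|try|demand|hard
    uris = [u for value in opts.get("uri", []) for u in value.split()]
    findings, tls_used = [], False
    if not uris:
        findings.append("no uri configured")
    for uri in uris:
        scheme = uri.split("://", 1)[0].lower()
        if scheme == "ldapi":
            continue  # local UNIX socket, nothing crosses the network
        if scheme == "ldaps" or ssl in ("on", "start_tls"):
            tls_used = True
        else:
            findings.append(f"cleartext: {uri} is used with ssl {ssl}")
    if tls_used and reqcert in ("never", "allow"):
        findings.append(f"unverified: tls_reqcert {reqcert} accepts any server certificate")
    if not tls_used and "tls_cacertfile" in opts:
        findings.append("unused: tls_cacertfile is set but no URI uses TLS")
    return findings

# Constructed sample configs (host name and CA path are placeholders).
WEAK = """uri ldap://ldap.example.lan/
base dc=example,dc=lan
tls_cacertfile /etc/ssl/certs/example-ca.pem
"""
HARDENED = WEAK + "ssl start_tls\ntls_reqcert demand\n"
NOVERIFY = "uri ldaps://ldap.example.lan/\ntls_reqcert never\n"

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED), ("NOVERIFY", NOVERIFY)):
        print(name, audit(cfg) or "ok")
```

A client-side audit like this says nothing about other clients; the server can additionally be configured to refuse connections that do not use TLS.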

Re: LDAP, NIS or ... ?

Postby wintpe » Jul 25th, '13, 18:36

For a home network it does not really matter; you're probably in an unroutable network, and as long as you have locked down those forwarded ports, then it should be OK.

As Doktor already said, if you are trying to build your experience for big commercial site experience, then LDAP for authorization, but not authentication; same with NIS or nss_mysql. All these systems have inherent weaknesses in authentication.

Kerberos is definitely the way to go for authentication.

For a home network it really does not matter, as you only store users, not root/system accounts, in these services, so the root/system account is always protected locally.

Regards, Peter
Redhat 6 Certified Engineer (RHCE)
Sometimes my posts will sound short, or snappy, however it's really not my intention to offend, so accept my apologies in advance.
wintpe
 
Posts: 1204
Joined: May 22nd, '11, 17:08
Location: Rayleigh, Essex, UK

