Hi everybody!
I'm a openldab absolute beginner so..
I started my training with user management, and was wondering if it was a good practice to move the whole /etc/passwd to ldap and let nsswitch jusst to 'ldap' the passwd,group,shadow items
passwd: ldap group: ldap shadow: ldap
I tried and I faced some obvious issues like client's boot errors etc. It worked but at the cost of a looong timeout..
- Is there any point in moving the whole /etc/passwd and groups, or is maybe better to move the root and other 'human' accounts, leaving local just the system users and groups?
- was it better to keep the user's home directories (including /root) locally on the client, or better to move them on the ldap server, letting them be net- mounted on the client fs?
Is it theoretically (and practically :-) ) possible to use ldap and remove from clients all the account management related binaries (useradd etc.) and /etc/passwd and /etc/groups?
maybe naive questions..sorry :-)
bye, Stefano.