Peng Yu writes:
I see on the above URL that OpenLDAP can be used to sync UID/GID. But
it is not clear to how to do it. Could anybody point me some
"... as you have to keep the UID and GIDs in sync - use something like
Read those words in context - they're from a reply to the previous
paragraph in that URL:
If you NFS-mount file systems but keep users' UIDs/GIDs of in local files
(/etc/passwd & co), *then* you need to keep these files in sync between
the hosts. So instead keep the UIDs/GIDs in a single place - OpenLDAP -
and set up your machines to get the users' UIDs/GIDs from there.
You can sync to a backup LDAP server with syncrepl/syncprov, but that's
Anyway, configure pam and nss to get user/group info from LDAP. You'll
likely want to cache LDAP results locally, but avoid the problematic
"nscd" program for that. sssd-ldap or OpenLDAP:slapo-nssov seem to be
the stuff to look at nowadays, but I have not kept track. There's
plenty to read about it on www.