jgroves@hawk.ulowell.edu (Jonathan Groves) (02/03/91)
In November there was a great discussion of NFS schemes. To almost continue with that theme, I'd like to know what schemes people are using to make their systems transparent. (ie. no mater what machine I log into, I still have the same passwd, and privileges...) I know that YP/NIS is a common system developed by Sun. Is there any advanytages or disadvantages people have found using Yellow Pages/Network Information Systems over another method of passwd, group, etc propagation. Both follow ups and replies are welcome. I'll try to summerize if there is some serious dicussion. +-+n Jonathan Groves Internet: jgroves@hawk.ulowell.edu | |U Snail: 1 Univ. Ave. BOX 487 UUCP: ...!bbn!ulowell!hawk!jgroves | \_/+ Dungeon: (508)452-8586 [Voice] +----+ ULowell 1 University Avenue Lowell, MA 01854 (508)934-4000
lindner@cs.umn.edu (Paul Lindner) (02/05/91)
In <1991Feb2.200344.29816@ulowell.ulowell.edu> jgroves@hawk.ulowell.edu (Jonathan Groves) writes: >In November there was a great discussion of NFS schemes. >To almost continue with that theme, I'd like to know >what schemes people are using to make their systems >transparent. (ie. no mater what machine I log into, >I still have the same passwd, and privileges...) >I know that YP/NIS is a common system developed by Sun. >Is there any advanytages or disadvantages people have >found using Yellow Pages/Network Information Systems >over another method of passwd, group, etc propagation. One thing that I've noticed with YP/NIS is that when everything is up and running and stable, YP works just great. However if you have many machines going up and down, and you don't trust your server, well, the results can be very, very ugly. Another problem occurs when you have multiple platforms in the same YP domain. Different vendors will occasionally have quirks in their YP implementation that cause all sorts of fun. For instance when I brought up a bunch of HP workstations on my predominantly Sun YP domain, I found out that the HP server didn't do a very good job of being a slave server, in fact it screwed up and started answering requests with it's local data! Very Ugly. However the straw that breaks the camels back in a large network domain is usually the mail server. Every single workstation will usually mount /usr/spool/mail from somewhere, usually the YP server. This seems to cause more problems than having just the YP server going down. When your master goes down you can usually rely on the slave servers, not so with the mail server. On the other side of the spectrum I also manage a small network of machines from a plethora of different vendors. Running YP in this situation is always a mistake. First off, the configuration is always changing. Frequently we'll receive loaners or demo models that must be integrated easily into our network. Secondly, we again face the minor incompatibilities of various YP implementations. In this case using rdist to keep up to date password files is much more rational (and efficient too). To keep sanity in relation to home directories, every machine has it's own (maybe large/ maybe small) home directory structure. Thus any given machine will not depend on any other machine for a home directory. But since the UIDs are the same across the many platforms, a user can mount the home directories from another system if more space is needed. The automounter is a great help here. In short, my views are that YP is best left for stable single vendor domains. We must turn to other methods when this isn't true. Also -- Paul Lindner, Univ. of MN \ Microcomputer / Pauls Law: You can't IT Sun dude, & UofM ACM pres \ Workstation / fall off the floor. lindner@boombox.micro.umn.edu \ Networks / {...!rutgers!umn-cs!lindner} | | | | | | | | |||||\ Center /||||| | | | | | | | |