[Labs-l] RFC: Webtools setup
Platonides
platonides at gmail.com
Sun Feb 17 20:39:43 UTC 2013
On 17/02/13 20:23, Ryan Lane wrote:
> On Sun, Feb 17, 2013 at 8:10 AM, Platonides wrote:
> It provides a “shared passwd”. See
> http://en.wikipedia.org/wiki/Network_Information_Service
> There's not a special advantage of using it instead of LDAP other than
> "it manages global accounts" and "It's not LDAP", you already have
> libraries for that and it'd be trivial to chain ldap and nis.
>
> NIS is just insecure LDAP. It's been deprecated for ages and shouldn't
> be used. Let's not introduce another auth service. We can either use
> ldap for this, or we can use puppet.
Those users wouldn't have passwords enabled, so there wouldn't be
password hashes moved around. However, as I said I would prefer to use a
single auth server. So it's a matter that the webtool creator can
request a new username to be inserted in ldap as a tool username
(preferably with as little trust in the tool as possible).
More information about the Labs-l
mailing list