Overview : Community : Archive : Tools : Showcase

Archives


- Beowulf
- Beowulf Announce
- Scyld-users
- Beowulf on Debian

[Beowulf] Re: NIS to LDAP gateway

Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.

Search

Bjorn Tore Sund bjornts at mi.uib.no
Thu Feb 16 01:34:38 PST 2006 



On Tue, 14 Feb 2006 beowulf-request at beowulf.org wrote:

> Andrew D. Fant wrote:

> > The talk of NIS servers has raised a question I had been meaning to 
> > ask.  Does anyone know about a NIS/LDAP gateway?  Our cluster's 
> > compute nodes are all on a private network that is isolated from the 
> > primary network here.  Currently, we manage passwords and accounts 
> > by just copying the password, group, and shadow files from the user 
> > node to the compute nodes on a regular basis.  NIS was not used out 
> > of somewhat misplaced fears about it's insecurity.  We are under a 
> > mandate now to start using the enterprise LDAP directory for 
> > authorization and authentication on the cluster.  I really don't 
> > want to have to set up a full-fledged LDAP environment on the head 
> > node, or change my address space and start routing packets between 
> > the cluster and the outside world.  I've heard rumors that there are 
> > daemons out there that can connect to LDAP on one side and that act 
> > like ypserv on the other side and translate and route getpwent() and 
> > related requests between the two worlds.  Has anyone actually seen 
> > and/or used this beastie? Alternately, has anyone ever set up an 
> > LDAP proxy for use inside a cluster?  The only packet routing we 
> > have between the outside world and the cluster is currently daemon 
> > based on the management node, and I dread adding packet forwarding 
> > to the iptables configuration on the head nodes and becoming a 
> > perceived competitor to our networking group.

I seem to be lagging sadly behind with this email list...  The 
standard tool for this (unless you have Solaris with nis2ldap 
built-in) is a commercial product from PADL, 
http://www.padl.com/Products/NISLDAPGateway.html

There's an evalutation download.

-Bjørn
-- 
Bjørn Tore Sund           Phone:  (+47) 555-84894    Stupidity is like a
System administrator      Fax:    (+47) 555-89672    fractal; universal and
Math. Department          Mobile: (+47) 918 68075    infinitely repetitive.
University of Bergen      VIP:    81724
Support: http://bs.uib.no Contact: teknisk at mi.uib.no Direct: bjornts at mi.uib.no

More information about the Beowulf mailing list

Home | Overview | Community | Archive | Tools | Showcase

Copyright © 2004 Beowulf.org. All Rights Reserved.