[Beowulf] Re: NIS to LDAP gateway

Bjorn Tore Sund bjornts at mi.uib.no
Thu Feb 16 01:34:38 PST 2006 



On Tue, 14 Feb 2006 beowulf-request at beowulf.org wrote:

> Andrew D. Fant wrote:

> > The talk of NIS servers has raised a question I had been meaning to 
> > ask.  Does anyone know about a NIS/LDAP gateway?  Our cluster's 
> > compute nodes are all on a private network that is isolated from the 
> > primary network here.  Currently, we manage passwords and accounts 
> > by just copying the password, group, and shadow files from the user 
> > node to the compute nodes on a regular basis.  NIS was not used out 
> > of somewhat misplaced fears about it's insecurity.  We are under a 
> > mandate now to start using the enterprise LDAP directory for 
> > authorization and authentication on the cluster.  I really don't 
> > want to have to set up a full-fledged LDAP environment on the head 
> > node, or change my address space and start routing packets between 
> > the cluster and the outside world.  I've heard rumors that there are 
> > daemons out there that can connect to LDAP on one side and that act 
> > like ypserv on the other side and translate and route getpwent() and 
> > related requests between the two worlds.  Has anyone actually seen 
> > and/or used this beastie? Alternately, has anyone ever set up an 
> > LDAP proxy for use inside a cluster?  The only packet routing we 
> > have between the outside world and the cluster is currently daemon 
> > based on the management node, and I dread adding packet forwarding 
> > to the iptables configuration on the head nodes and becoming a 
> > perceived competitor to our networking group.

I seem to be lagging sadly behind with this email list...  The 
standard tool for this (unless you have Solaris with nis2ldap 
built-in) is a commercial product from PADL, 
http://www.padl.com/Products/NISLDAPGateway.html

There's an evalutation download.

-Bjørn
-- 
Bjørn Tore Sund           Phone:  (+47) 555-84894    Stupidity is like a
System administrator      Fax:    (+47) 555-89672    fractal; universal and
Math. Department          Mobile: (+47) 918 68075    infinitely repetitive.
University of Bergen      VIP:    81724
Support: http://bs.uib.no Contact: teknisk at mi.uib.no Direct: bjornts at mi.uib.no

More information about the Beowulf mailing list