A consultant who is working on the server is setting up all the users
in Netinfo instead of using OD what are the advantages of doing this?
This doesn't seem right to me.
(in other words he authenticates to /Netinfo/defaultLocalnode)
I thought users and groups were supposed to be created in OD?
Open Directory *includes* NetInfo. Just like it includes flat files,
Active Directory, NIS, and LDAP.
Where any one site chooses to place it's users is not a technical
matter but a cultural, religious or practical one.
And if you're not operating in a shared directory environment, or you
have nothing but local system users there's not much reason to not
use NetInfo if that's what youy prefer
At 7:18 PM -0500 1/17/07, david wrote:
The answer to this is potentially lengthy, but the real answer is
that NetInfo is deprecated for this purpose and you should be using
"Open Directory" and all that means, including LDAPv3.
Again, Open Directory isn't a thing. It's a concept. It's a set of
directory services that can operate against a wide -- open -- array
of datastores.
So the above comment is nonsensical.
Moreover "deprecated for this purpose"??? How odd you'd say this yet
*all* local system and admin accounts are stored where??? NetInfo. So
it's hardly deprecated, there just may be better choices.
At 9:36 PM -0800 1/17/07, Jose Hales-Garcia wrote:
NetInfo won't scale as well, won't be as secure, and won't integrate
with other Apple components as well OD.
NetInfo *does* scale. It does permit shared stores and
interoperability between systems in a domain based structure. Or
perhaps you missed the entire world of NeXTSTEP and Puma, Cheetah,
and Jaguar.
OD is OpenLDAP+Kerberos+SASL.
No it clearly is not. It is a concept.
One very common implementation with Open Directory is the above
combo, but Active Directory is also common, and I work in several
shops that use NIS because they have Sun's
It's seamlessly managed using Workgroup Manager even though the
tools are available in the command-line to manage each of these
systems individually if you have to.
And the same tool manages NetInfo so I don't know why you mention
this in this way.
OD integrates with Kerberized applications like loginwindow and
Apple's services like Apache, VPN, Postfix/Cyrus, etc.
LoginWindow works perfectly well with, say flat files, too.
You'd really be holding yourself back to Mac OS X circa 2001using NetInfo.
Not at all. If you are running Leopard you might "spot" some things.
Open Directory allows you to have users in *any* datastore that you
wish, in any combination. So you can have directory data in NetInfo
and LDAP as well as flat files and NIS all at the same time.
For 50 users, especially ones who have stand alone user machines that
don't authenticate against the server for their local logins, NetInfo
is probably a simple way to go.
--
-dhan
------------------------------------------------------------------------
Dan Shoop AIM: iWiring
Systems & Networks Architect http://www.ustsvs.com/
email@hidden http://www.iwiring.net/
1-714-363-1174
"The wise man doesn't give the right answers, he poses the right
questions." -- Claude Levi-Strauss
iWiring provides systems and networks support for Mac OS X, unix, and
Open Source application technologies at affordable rates.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
