On Tue, 22 Jan 2002, Matt Johnson wrote:
Am I right in thinking that I could symlink /etc/passwd and /etc/group from a 'server' (main machine) to others to enable network logons? What other files would need linking?
Um...no. At least, I don't think so. Problem is that network mounts don't exist at system boot: obviously they can't exist until after networking is started. I don't *know* what will happen if you boot a system in which /etc/passwd is a dead symlink, but I wouldn't want to try it on a production system! You might be able to get away with some kind of trick in which /etc/passwd is a symlink to /etc/server-config-files/passwd where /etc/server-config-files/passwd contains definitions for the basic users (root etc) and then the server's /etc is mounted to /etc/server-config-files. I don't know if this would work or not; it depends on whether or not any processes that start before the network mount keep an open filehandle to /etc/passwd.
Am I also right in thinking that I could map /home to said 'server' from all 'clients'?
Yes, this can be done.
If I can do both these things, why use NIS?
NIS doesn't have anything to do with distributing /home. It provides one way of centralising user authentication and the user database. Personally, I'd play with Kerberos and LDAP. LDAP because you get all sorts of side-benefits like your address book coming direct from the user database and the ability to delegate admin tasks: you can, for example, create a group for staff that are able to change pupil passwords (but not passwords of other staff) and are not able to create new users. Kerberos because it's the recommended authentication method for use with LDAP and because it is essentially a rather nice protocol. Up to you, of course, but that's how I would (and do) go about it. Michael