:: Re: [DNG] Request for comments - tr…
Top Page
Delete this message
Reply to this message
Author: Alessandro Selli
Date:  
To: dng
Subject: Re: [DNG] Request for comments - training room
On 03/12/18 at 18:19, Tomasz Kundera wrote:
> On Sun, Dec 2, 2018 at 2:40 PM Rowland Penny <rpenny@???
> <mailto:rpenny@samba.org>> wrote:
>
>     On Sun, 2 Dec 2018 14:28:25 +0100
>     Tomasz Kundera <tnkundera@??? <mailto:tnkundera@gmail.com>>
>     wrote:

>
>     > You can still use NIS if you don't need the power (and
>     complexity) of
>     > samba.
>     >

>
>     NIS is a bit outdated and Samba isn't that complex from a Linux point
>     of view.

>
>
> It is outdated because?



  It's unencrypted, hard to firewall, unsecure by design.


> It works, at least in simple cases.



  Yeah, sure, even rsh works (sometimes), still it's a very outdated
protocol.


> The choice depends on your needs. Samba is not needed everywhere and
> yes, it is more complex then a simple NIS installation.



  My experience differs.  NIS relies on a number of RPC services, local
and netwide settings (nisdomainname vs. fqdn), server- and client-side
commands, files and related DBs that the first time I could get it to
work I uncorked the finest sparkling wine I had and rushed to set
everything I had done in virtual stone:

http://alessandro.route-add.net/Unixalia/configurare_NIS.html (in
Italian, sorry).


  A few years later, my first Samba installations were not as painful
and time-consuming, it's all in one config file (well, two with
smbpasswd), but maybe that's because I was not using it from Windows PCs.


> I do not suggest that samba is a bad choice. It depends on the needs
> as I have written above.



  I suggest to stay away from NIS except in a few cases:

 1. it was already setup and configured by someone else and it's working;
 2. it's operating in a secure, non critical environment;
 3. people in the organization are already familiar with it (ie, they're
    all grey-haired or bald and gray-bearded or look like Yoda);
 4. long-term support is not an issue.



  In all other instances, run LDAP and/or Samba instead.


--
Alessandro Selli <alessandroselli@???>
VOIP SIP: dhatarattha@???
Chiave firma e cifratura PGP/GPG signing and encoding key:
BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE