[ale] LDAP and System Users/Groups

Jim Kinney jim.kinney at gmail.com
Tue Mar 23 22:18:47 EDT 2010


Ditto on oracle. System accounts get handled by the local machine.
That said, putting oracle accounts in ldap is a good thing for large
environments.
For distros like rhel, apache install creates local system accounts. Since
all system accounts will, by default, have uid <500 , using ldap for all
ordinary, non-system accounts is pretty straight forward.
There is also a non standard patch that stores ssh pub keys in ldap for no
password ssh access.

On Mar 23, 2010 8:45 PM, "adam" <prozaconstilts at gmail.com> wrote:

brian at polibyte.com wrote:
> Hi,
>
> I'm curious how people administering services on linux in envir...
I keep systems accounts on local systems.

Oracle (of course), likes to do it differently. I build an oracle user
and group in ldap, but since I install oracle from their vanilla
distributions, and not via a package system, that means I get to define
the users and groups during installation that oracle will be assigned to
use, and not have a package manager decide what to do.

If, for some reason, you have a packaged oracle that you have to use,
I'd then stick to local system accounts. It'll make patching and
updating later a lot less painful.

Adam


_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/ma...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100323/842d775b/attachment.html 


More information about the Ale mailing list