Many thanks to all the people who replied.
The original question was:
I consider to setup C2 (enhanced security) under ASE with NIS but local
Compaq does not recommend to do so.
With C2 the prpasswd maps must be recreated every time a user attempts to
log in. The problem is that C2 updates the TCB database
with last successful or unsuccessful login time - each of these changes
means that NIS maps must be remade and redistributed.
A side effect of theses increased authentication requirements is a single
point of failure, the NIS master.
Is there any alternative ?
I got many replies (1 even within 10 minutes from Adel Kamal !).
Apparently it all depends on the O/S version.
V5.* clusters have a single system image so there is no need to use NIS if
you don't distribute the users outside the cluster.
V4.0*: use NIS to distribute the passwd and group databases and use NFS to
distribute the
Enhanced Security authentication database (auth.db/prpasswd). The NFS
filesystem can be set up as a cluster service, removing the
single point of failure.
See section 1.12 in the following link:
http://tru64unix.compaq.com/faqs/publications/cluster_doc/cluster_16/TCR_RNS
Create the user's home directory on the same NFS cluster service.
Others recommended me not to use NIS at all because of security and/or
single point of failure reasons.
Special thanks to:
Adel Kamal
Corinne Haesaerts
William H. Magill
Ann Majeske
Denise Dumas
Alay Shah
Ken Kleiner
Rochelle Lauer
kind regards,
Tom Zuurbier
Origin-IT Thailand
Received on Wed Dec 20 2000 - 03:00:39 NZDT