On 9 August 2015 08:24:35 CEST, Konstantin Olchanski <[log in to unmask]> wrote:
>Certainly the Red Hat manuals only talk about using LDAP for user login
>management, not a word about NFS/autofs.

<https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/configuring-automount.html>

Yes, it is not a plain LDAP setup, as IPA makes the whole setup and configuration fairly easy.

>Then, redundant NIS configuration is trivial (with NIS slave servers).
>Redundant LDAP configuration requires another couple of week of reading
>LDAP manuals and playing with test clusters, yes?

<https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/Setting_up_IPA_Replicas.html>

Again, IPA makes this very simple. Without any IPA experience, I re-configured approx 25 SL boxes with 3 IPA servers, including full master-master replication in 3 days.

>It would probably take less time to reimplement NIS using
>perl/scp/rsync (to copy /etc files from master to client)
>than to figure out all this LDAP stuff.

That can certainly be seen as more lightweight, but adds a very different and a far more non-standard maintenance burden.  Even if IPA adds a lot of extra packages, the CPU and memory load isn't that bad, and in a DC with virtualization it definitely doesn't add that much complexity.

--
kind regards,

David Sommerseth