Laptops, centralized authentication, and "roaming profiles"
tshadwick at goinet.com
Wed Jun 8 00:09:31 GMT 2005
I have a question of theory that has been bugging me that I thought I
would throw at the list.
Presume this configuration: a typical small to medium sized company, we'll
say 25 workstations, all running some version of *nix, for sanity we'll
presume all FreeBSD, but I see no reason some couldn't be linux or osx.
I could set up centralized authentication via NIS or LDAP without too much
difficulty. I'm aware of the differences in password schema that must be
overcome, but I've learned to deal with this. So now I can go workstation
to workstation and log in, no problem.
NFS can be set up equally well. No issues. In the scenario with desktop
machines, this quite simply isn't a problem so long as you are okay with
working on everything across the network. Something about that bugs me
though...really. You wind up eating up network resources constantly. :\
Anyway, that's a tangent to the real kicker.
They don't stay put! (well duh)
Okay, so the user can log in to the "domain" if you will when in the
office, and sure, NFS will automount, but what happens when the user
leaves the office? I've done some quick searching on "roaming profiles"
(I actually googled 'linux roaming profiles' with little success).
So how should one play this out? I personally am on a Powerbook, and have
intentionally set up local user auth. I open and close my laptop to sleep
it, leave a network, open it and next thing you know you're on a new
network. Now, the fact that you generally only have 1 user per laptop
makes this "kind of" okay, but your home directory is no longer
centralized, you home directory doesn't get backed up, and now I'm dealing
with a user that really isn't auth'ing against the domain, and having to
alot permissions for such user, and having to manage local machine uid's
and gid's. Ugh!
You see the cluttered path my mind is wandering down here?
Is there already a solution to this, or is it still someone one must hack
More information about the freebsd-questions