Date: Tue, 7 Jun 2005 19:09:19 -0500 (CDT) From: Tony Shadwick <tshadwick@goinet.com> To: freebsd-questions@freebsd.org Subject: Laptops, centralized authentication, and "roaming profiles" Message-ID: <20050607190008.G64334@mail.goinet.com>
next in thread | raw e-mail | index | archive | help
I have a question of theory that has been bugging me that I thought I would throw at the list. Presume this configuration: a typical small to medium sized company, we'll say 25 workstations, all running some version of *nix, for sanity we'll presume all FreeBSD, but I see no reason some couldn't be linux or osx. I could set up centralized authentication via NIS or LDAP without too much difficulty. I'm aware of the differences in password schema that must be overcome, but I've learned to deal with this. So now I can go workstation to workstation and log in, no problem. NFS can be set up equally well. No issues. In the scenario with desktop machines, this quite simply isn't a problem so long as you are okay with working on everything across the network. Something about that bugs me though...really. You wind up eating up network resources constantly. :\ Anyway, that's a tangent to the real kicker. Laptops. They don't stay put! (well duh) Okay, so the user can log in to the "domain" if you will when in the office, and sure, NFS will automount, but what happens when the user leaves the office? I've done some quick searching on "roaming profiles" (I actually googled 'linux roaming profiles' with little success). So how should one play this out? I personally am on a Powerbook, and have intentionally set up local user auth. I open and close my laptop to sleep it, leave a network, open it and next thing you know you're on a new network. Now, the fact that you generally only have 1 user per laptop makes this "kind of" okay, but your home directory is no longer centralized, you home directory doesn't get backed up, and now I'm dealing with a user that really isn't auth'ing against the domain, and having to alot permissions for such user, and having to manage local machine uid's and gid's. Ugh! You see the cluttered path my mind is wandering down here? Is there already a solution to this, or is it still someone one must hack for themselves?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050607190008.G64334>