Promoting LDAP vs NIS on RHL

[Dax Kelson]

An LDAP directory can have numerous advantages over NIS. For example:

* Strong mutual authentication of client machines and LDAP servers
* All network traffic and be encrypted (by mandate even) via SSL or TLS.
* A rouge root on client machines cannot access user data, collect
encrypted password strings for user accounts
* Shadow password functionality including aging can be used

I would like to encourage Linux sysadmins to "properly" and securely
setup LDAP directories as opposed to NIS.

What can be done to encourage this?

For starters, it would be nice to have a good generic LDAP directory
browser/editor that was SSL/TLS enabled. RHL7.3 shipped with a decent
one, GQ, but it was dropped.

The slick looking "directoryadministrator" can be used to administer an
directory post-setup.

Any have other ideas?

I'll have a follow up as well.

Dax Kelson
Guru Labs