An LDAP directory can have numerous advantages over NIS. For example: * Strong mutual authentication of client machines and LDAP servers * All network traffic and be encrypted (by mandate even) via SSL or TLS. * A rouge root on client machines cannot access user data, collect encrypted password strings for user accounts * Shadow password functionality including aging can be used I would like to encourage Linux sysadmins to "properly" and securely setup LDAP directories as opposed to NIS. What can be done to encourage this? For starters, it would be nice to have a good generic LDAP directory browser/editor that was SSL/TLS enabled. RHL7.3 shipped with a decent one, GQ, but it was dropped. The slick looking "directoryadministrator" can be used to administer an directory post-setup. Any have other ideas? I'll have a follow up as well. Dax Kelson Guru Labs
