[Beowulf] Cluster Authentication (LDAP,NIS,AD)

[Robert Taylor]

Hi cluster gurus. I want to pick the your collective brains.
Right now, where I work, we have and isilon, and netapp, which we use for
our small 250core compute cluster.

We have NIS for authentication and automount maps on the cluster side, and
AD for authentication on the windows side, and LDAP for yet for other
things to authenticate against.
The storage is connected to both nis and AD, and does it's best to match
the two sides up.
We have had some odd issues with authentication as of late with sources
getting out of sync, which has brought up the discussion for consolidating
down to a single source of truth, which would be AD. RFC2307 talks about
stuffing NIS data into LDAP/AD, and there are commercial products such as
centrify that can do it.

Does anyone run an entirely AD authentication environment with their
compute cluster
authenticating against it and using it for automount maps and such?
Can you tell me what were your reasons for going that way, and any snags
that you hit on the way?

We've just started looking at it, so I'm on the beginning of this road.

Any responses is appreciated.

Thanks.

rgt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20171227/b5060666/attachment.html>