Directory-Based Information Services: Users and Groups
This document extends Directory-Based Information Services (DBIS) described in [draft-bannister-dbis-mapping-00] to support passwd and group databases. The passwd and group database schemas SHALL be backwards compatible with the Network Information Service [NIS] but stored within [X.500] entries so that they may be resolved with the Lightweight Directory Access Protocol [RFC4510]. A passwd database represents user login accounts on UNIX and UNIX- like systems and a group database represents user groups. This document describes configuration maps [draft-bannister-dbis- mapping-00] for passwd and group databases, and database entries referenced by those maps. Overlays may optionally be used to help reduce the complexity of merging multiple DBIS domains in large environments by permitting groups of hosts to have variations in their UIDs, GIDs, home directories and login shells.