Hi. I inherited a research cluster where all compute nodes are linux and infrastructure services(DNS, DHCP, pf, NIS) are provided by FreeBSD. So, the current authentication system is NIS. There are about 100 users who has data on a shared NetApp NFS storage.
For reasons out of scope of this question, we need to move authentication to FreeIPA.
I'm thinking that I can stand up a FreeIPA server, and create new users and groups with the same corresponding UIDs and GIDs from NIS. If I do so, would the new FreeIPA authenticated users be able to read their old files without trouble?
I will try it with a spare node before big cluster change, but wanted to check here if there huge holes in my idea..
My game plan is : bring the cluster down during scheduled maintenance, make the compute nodes FreeIPA clients, and reboot.
Any references to read or suggestions based on "How would I do it if it were me" would be very helpful to me.
[link] [comments]
