>> Is there a "better" NIS [...] > >I'd be interested in hearing about any such. I'm almost ready to try >my hand at writing one myself, but so far the perceived need has not >yet been sufficient to make me allocate the time. OSF DCE might do a lot of what is wanted. However, it is still a bit early in it's development and lacks a lot of utilities and the pre 1.1 user interface stinks (haven't tested the 1.1 version yet, but the info on it claims improvements), but I have the feeling that things might be about to take off on the DCE scene. With IBM, HP and Digital backing OSF, it most certainly have the potential. Even Microsoft is involved... (yep, there is NT, DOS, windows and OS/2 software out there...) The RFC that is out on DCE 1.2 and the changes in DCE 1.1 (released from OSF late last year) seems to fix a lot of the negative things I've so far experienced while using a small test setup. I have to admit however, that I haven't looked very deeply into security issues regarding DCE, but the security services in DCE is based on Kerberos 5 and more or less all additional services does Kerberos 5 authentication. The possiblities here are huge. Anything can potentially use the authentication and cryptation services in DCE. X11, WWW, databases... you name it. You also get DFS which is an AFS like distributed file system using the Kerberos 5 authenticated rpc provided by DCE. Perfomance test I've done on a small test setup indicates that it beats NFS on performance in almost all circumstances (it does use a more cpu and memory and also needs room for a local disk cache of some size however)... and since NFS security is virtually non-existant, it should be a lot better on security as well. Check out OSF's www server (http://www.osf.org) or the comp.soft-sys.dce news group for more information. Terje Marthinussen terjem@staff.cs.uit.no