If I keep telling myself to do this stuff, eventually I will!* Setup a bacula server and service to regularly back everything up* Setup LDAP for nss on all servers


I want to use this with ldap:


I’ve followed NSSLDAPSetup on the Debian wiki and I ran into an issue where I had to use:


instead of:

uri ldap://

Cool! I think I got it working. So the very cool part about this is the the ‘nss_updatedb ldap passwd” does exactly what I’d hoped it would do. Its not a cache, its a local copy. Cool!

Actually nss_update is only for passwd and group, so that leaves shadow. It is suggested in the nss_updatedb README that libpam_ccreds can be used for that function.

More notes here:

LDAP Notes at Docunext

To-do list: * Improve admin security * Stop using debconf for libnss_ldap.conf and pam_ldap.conf and instead use csync2?* Ensure replication across VPNs


The progress is going well. Migrating additional machines after the first few is quite easy. I’m a little concerned about disconnected access, but I guess if the machine is disconnected, I wouldn’t be able to ssh in anyway.

Bacula / Backups

John Goerzen has a great post about the latest and greatest backup utilities:


I’ve tried duplicity and wasn’t thrilled, but dar sounds awesome.

UPDATE April 14, 2008 - I just realized that John Goerzen is the author of offlineimap - that’s awsome! I love that program. :-)

This looks pretty good too: