Re: Sparc Solaris NIS client Linux NIS server


"Chris Cox" <ccox_nopenotthis@xxxxxxxxxxx> wrote in message
news:11ps8mre0vnscca@xxxxxxxxxxxxxxxxxxxxx

> If the number of accounts are small (not in the 10,000's) then
> managing users with NIS is much simpler than with .. let's say...
> LDAP. If you have an existing Windows infrastructure, it's
> fairly trivial to auto create NIS users based on Windows
> account data and tie the password back to the Windows
> password server (which may bother Unix purists... but does
> work.. and if you've got the ugly animal there anyway...
> might as well use it).

Bullwinkle, that trick *NEVER* works. The NIS stored password information is
very distinct from the password management used for Windows or even Samba.
LDAP works much, much better for providing single-source authentication.

> I've used the technique at a platics production facility
> with good success. You just add users to the Windows domain
> (pretty much assumes a single Windows domain) and then
> they automatically get NIS accounts when they log into
> Windows the first time... just that the NIS DES
> encrypted password is nuked (untypable) and the boxes
> do their auth NTLM style to the Windows password
> server. Or.. even better, don't use NTLM at all and
> just load an SSH key which comes off a shared drive
> in NFS/Samba space (home dirs) at Windows login time and tell them
> to PuTTY into the client hosts... then they don't
> have to use a password once they've logged into
> the Windows client.

Making SSH keys network accessible is..... asking for trouble. It's almost
as bad as putting a post-it note on your keyboard with your password on it.


.

Relevant Pages

  • Re: Sparc Solaris NIS client Linux NIS server
    ... >>If the number of accounts are small then ... >>fairly trivial to auto create NIS users based on Windows ... > LDAP works much, much better for providing single-source authentication. ...
    (comp.os.linux.setup)
  • Re: NIS 2002 Pro edition :-)
    ... >>A couple of months back I complained about NIS 2001 not using the Windows ... >>accounts to prevent changes. ... I'm now using NIS 2002 Professional Edition, ... > I tried it but the "by user settings" is not all true. ...
    (comp.security.firewalls)
  • RE: Norton Internet Security 2009 - Update Causes Unbootable Systems
    ... I then uninstalled NIS 2009. ... the conclusion of the uninstall I was asked to restart Windows, ... I attemped to start Windows XP normally on this Gateway notebook computer. ... subsequently I installed new hard drives and ...
    (microsoft.public.windowsxp.general)
  • Re: Blaster Symptoms but no worm found ?
    ... I had to run Rna2003 to remove all residue of NIS 2002, ... >> personal firewall feature enabled as well as the XP ... >> Thank you for your interest in Windows Update ... >it sounds like registry entries for it have been ...
    (microsoft.public.windowsxp.security_admin)
  • Re: NIS 2002 Pro edition :-)
    ... >A couple of months back I complained about NIS 2001 not using the Windows ... >accounts to prevent changes. ... I'm now using NIS 2002 Professional Edition, ... I tried it but the "by user settings" is not all true. ...
    (comp.security.firewalls)