| Blogs | Classifieds | Downloads | FlashChat | Gallery | Googlemap | Invite Friends | Links | Projects | Reviews | Wiki |
| |||||||||
 |  Operatings Systems for POWER Systems AIX for POWER Systems |
 Migrating off NIS | |
Welcome to the pSeries Tech Forums,
our free peer-based support site for administrators, engineers and architects working with IBM pSeries servers and software. You are currently viewing our site as a guest which gives you limited access to view most discussions, articles, tutorials and access our other free features. By joining our community you will be able to collaborate with administrators, engineers and architects charged with designing, delivering or maintaining IBM pSeries server environments. Founded by a recognized IBM pSeries consultant and IBM Redbook author, pSeries Tech Forums was developed with the single mission of bringing IBM pSeries professionals together into a single self-help community. Registration is fast, simple and absolutely free to all IT professionals with responsibility for or interest in IBM pSeries servers. We invite you to join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
| Our Sponsors | |
| | |
| Want to advertise? | |
 |
| | LinkBack | Thread Tools |
|
#1
June 3rd, 2006
| ||||
| ||||
I know some of you out there are still using NIS because I've worked with you over the last few years. I make it a point to mention that some other user management system is definitely in your best interest. Even at its hight of popularity, NIS was insecure and problematic. IBM is certainly encouraging this migration. Ideally, IBM would like you to migrate LDAP for user authentication, and this is definitely a direction that makes sense for many users. You can review the procedures for making this migration here. However, most companies are mixed environments of Unix and Windows. As much as I hate to admit it, I find that companies have far more mature procedures and policies - such as password aging and reuse - in their windows environments than for their Unix servers. Why not take advantage of this? You can use Microsoft Active Directory for user authentication for AIX via Kerberos. AIX 5L user authenticates against Microsoft’s Kerberos Key Distribution Center (KDC) and receives a ticket-granting ticket (TGT) upon successful authentication. User information is stored in the Microsoft Active Directory. By default, the Active Directory schema does not have the required POSIX attributes (such as user ID, group ID, and login shell) defined. Without these attributes, a user would be unable to log on to any UNIX client, using Active Directory. In order to integrate UNIX clients into Active Directory, Microsoft released a product called Microsoft Windows Services for UNIX (SFU), extending the Active Directory schema with object classes required to support UNIX clients. Regardless of the direction you choose, you really should make every effort to move away from NIS, the sooner the better.
__________________ To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. Fred Sherman IBM pSeries and Storage Architect          |
|
| Bookmarks |
« -
|
Why so many wait processes? »
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Migrating from DS4800 with RDAC to DS8k with SDD | zeroxzero | AIX for POWER Systems | 0 | February 27th, 2007 04:52 |
Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0
Powered by vbWiki Pro 1.3 RC5. Copyright ©2006-2007, NuHit, LLC
vBulletin Skin developed by: vBStyles.com
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0
Powered by vbWiki Pro 1.3 RC5. Copyright ©2006-2007, NuHit, LLC
vBulletin Skin developed by: vBStyles.com
