Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)

From: Vladimir Ivanov (
Date: 08/29/01

Message-ID: <>
Date: Wed, 29 Aug 2001 10:29:05 +0200
From: Vladimir Ivanov <>
Subject: Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)

> > What about other RPC-based services? NIS, NIS+, rpc.rstatd ?
> > Or all applications need to be rewritten with new API?
> NIS no - it doesn't even use AUTH_DH (aka AUTH_DES).
> NIS+ kind of yes. It does use RPCSEC_GSS but only for dh640-0 and
> dh1024-0. It can't be used to used Kerberos.

Is there plans for doing this? I think no one is taking care of NIS now,
but may be NIS+?

Or SUN is going to promote LDAP as main name/directory service for
For now there is a possibility for pam_unix to store passwords on
ldap, but this makes things not better than just NIS. Also there is
but as far as i understand this is even worse.

AFAIK there is also NIS+ for HP-UX and (client-only) for Linux,
does anyone knows how are these implementations compatible to SUN
implementation of NIS+?

Vladimir Ivanov                      
System Administrator                 E-Mail:
Toshiba Electronics Europe GmbH      Tel/Fax: +49-211-5296-297/386