Re: Hardening NIS+

From: Darren Moffat (Darren.Moffat@Sun.COM)
Date: 08/22/02

Date: Wed, 21 Aug 2002 17:17:53 -0700 (PDT)
From: Darren Moffat <Darren.Moffat@Sun.COM>

>> IMHO, the best combination for ease of administration and security is to
>> use Kerberos with NIS+.
>I am curious .... Has anyone configured a Solaris machine to use Kerberos
>authentication against a Microsoft Active Directory?
>If I'm so lucky to find someone who has done so... what's required?

Yes this works fine. Just tell the Solaris machine the name/IP of
the Active Directory machine when you are prompted for the name of
the KDC during sysidcfg. If you are doing it post install then update

This just works. The opposite doesn't work well: ie using a Solaris
(or any MIT derived) KDC to server Windows 2k clients.

Darren J Moffat

Relevant Pages