LDAP replacing NIS...?

From: Gregory Hicks (ghicks@cadence.com)
Date: 01/28/03

  • Next message: Nick Santucci: "[focus-sun] Re: LDAP replacing NIS...?"
    Date: Tue, 28 Jan 2003 09:15:10 -0800 (PST)
    From: Gregory Hicks <ghicks@cadence.com>
    To: focus-sun@securityfocus.com

    I have the unenviable task of figuring out how, in a mostly Sun
    environment, to use LDAP to replace all NIS maps.

    We are already using LDAP to maintain hosts, passwd, and group with
    networks, services, et al to follow in the near future. This however,
    just replaces vi with the LDAP db modifying calls.

    Is there a method of having NIS query LDAP directly?

    Has anyone tried to use LDAP to replace the NIS passwd (also hosts,
    group, aliases, et al)? We have converted a system to using LDAP
    queries to authenticate users working, but once we changed to LDAP,
    users can no longer login to their CDE desktop.

    Given a mix of SunOS 4.x, Solaris 2.5, 2.5.1, 2.6, 7-9, is there a
    really good method to make the switch? Or are we, for the near term,
    going to be maintaining the maps in LDAP and periodically 'pushing' the
    source maps to the remote NIS masters?

    Or is this a truly LONG TERM project (3-6 years)

    (I also have to make HP-UX, AIX, and Linux fit this same model, but
    this is not the right forum for these OSes...)

    Any pointers, advice, will be appreciated.

    Gregory Hicks

    Gregory Hicks | Principal Systems Engineer
    Cadence Design Systems | Direct: 408.576.3609
    555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3400
    San Jose, CA 95134 | Internet: ghicks@cadence.com

    "The trouble with doing anything right the first time is that nobody
    appreciates how difficult it was."

    When a team of dedicated individuals makes a commitment to act as
    one... the sky's the limit.

    "There is no limit to what a man can do or how far he can go if he
    doesn't mind who gets the credit." - Robert Woodruff

    Relevant Pages

    • Re: integrating custom NIS maps into LDAP
      ... >| maps are in use? ... I am working on a project to migrate to LDAP from NIS and we ... > maps so that it uses your unique nisMap entries in your LDAP. ...
    • Re: LDAP replacing NIS...?
      ... Try replacing NIS with kerberos. ... Gregory Hicks wrote: ... to use LDAP to replace all NIS maps. ...
    • Re: integrating custom NIS maps into LDAP
      ... Kevin Collins wrote: ... | maps are in use? ... I am working on a project to migrate to LDAP from NIS and we ...
    • Re: Directory Server LDAP/LDIF import - working yet not working???
      ... I then generated LDIF files from the /etc files on our NIS ... > 10,000-foot understanding of LDAP. ... > I already downloaded the various LDAP BluePrints and Directory Server ...
    • LDAP & NIS on Solaris 10
      ... approved way of setting this up, likes to change everything to be LDAP. ... I really want most services to still use NIS so that I don't have to ... "A NIS client and a Native LDAP client cannot co-exist on the same ... hosts: files nis dns ...