[focus-sun] Re: LDAP replacing NIS...?

From: Nick Santucci (nick@ucf.ics.uci.edu)
Date: 01/29/03

  • Next message: David M. Fetter: "Re: LDAP replacing NIS...?"
    Date: Wed, 29 Jan 2003 11:29:24 -0800 (PST)
    From: Nick Santucci <nick@ucf.ics.uci.edu>
    To: Gregory Hicks <ghicks@cadence.com>
    
    

    > Is there a method of having NIS query LDAP directly?

    http://www.padl.com/Products/NISLDAPGateway.html

    The NIS/LDAP Gateway, or ypldapd, is a Network Information Service (NIS)
    server which uses LDAP as its information source. It permits existing NIS
    clients to transparently use LDAP to resolve user, group and host
    information. Enterprises can thus realize the benefits of LDAP, such as
    its distribution and being scalable, without upgrading clients. Used in
    conjunction with LDAP server technologies such as iPlanet Directory
    Server, Integration Edition, or Active Directory with Microsoft Services
    for UNIX, the software can provide single sign on to both NT and UNIX
    clients.

    Prices available @

    http://www.padl.com/Contents/Purchasing.html

    </Nick>

    On Tue, 28 Jan 2003, Gregory Hicks wrote:

    >
    > I have the unenviable task of figuring out how, in a mostly Sun
    > environment, to use LDAP to replace all NIS maps.
    >
    > We are already using LDAP to maintain hosts, passwd, and group with
    > networks, services, et al to follow in the near future. This however,
    > just replaces vi with the LDAP db modifying calls.
    >
    > Is there a method of having NIS query LDAP directly?
    >
    > Has anyone tried to use LDAP to replace the NIS passwd (also hosts,
    > group, aliases, et al)? We have converted a system to using LDAP
    > queries to authenticate users working, but once we changed to LDAP,
    > users can no longer login to their CDE desktop.
    >
    > Given a mix of SunOS 4.x, Solaris 2.5, 2.5.1, 2.6, 7-9, is there a
    > really good method to make the switch? Or are we, for the near term,
    > going to be maintaining the maps in LDAP and periodically 'pushing' the
    > source maps to the remote NIS masters?
    >
    > Or is this a truly LONG TERM project (3-6 years)
    >
    > (I also have to make HP-UX, AIX, and Linux fit this same model, but
    > this is not the right forum for these OSes...)
    >
    > Any pointers, advice, will be appreciated.
    >
    > Regards,
    > Gregory Hicks
    >
    > -------------------------------------------------------------------
    > Gregory Hicks | Principal Systems Engineer
    > Cadence Design Systems | Direct: 408.576.3609
    > 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3400
    > San Jose, CA 95134 | Internet: ghicks@cadence.com
    >
    > "The trouble with doing anything right the first time is that nobody
    > appreciates how difficult it was."
    >
    > When a team of dedicated individuals makes a commitment to act as
    > one... the sky's the limit.
    >
    > "There is no limit to what a man can do or how far he can go if he
    > doesn't mind who gets the credit." - Robert Woodruff
    >



    Relevant Pages

    • Re: One login for multiple machines
      ... get authenticated from remote server (thus not need to create ... network) a centrally-stored login on a Linux server for Windows PCs ... I've excerpted some relevant info from two web pages on NIS and LDAP... ... It is for this reason that LDAP ...
      (Ubuntu)
    • Re: Centralized authentication
      ... >A few people suggested NIS+. ... Virtually all of our boxes are FreeBSD, ... >don't know very much about either server. ... >setup and get working than an LDAP server. ...
      (FreeBSD-Security)
    • opensource alternative to ypldapd (NIS/LDAP Gateway)
      ... The NIS/LDAP Gateway, or ypldapd, is a Network Information Service ... server which uses LDAP as its information source. ... It permits existing NIS ... conjunction with LDAP server technologies such as iPlanet Directory ...
      (alt.os.linux)
    • Re: NIS+ Server and LDAP Server on same machine?
      ... The LDAP directory server process does not need the ... > NIS domainname set to anything specific. ... Solaris, then configure LDAP client). ...
      (comp.unix.solaris)
    • Upgrading Directory Services.
      ... I've been using NIS and DNS since the late 80's and LDAP since 1997. ... my LDAP experience to date has only been in support of my ... practices on how to setup the Directory Server. ...
      (SunManagers)