Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ldap to replace NIS

Status
Not open for further replies.
gfunk123

gfunk123

IS-IT--Management
May 22, 2001
143
GB
Hi, I am a solaris administrator who is currently working in a solaris 2.6,7,8,9 environment. We are using NIS for centralised account authentication, groups, host name resolution and most importantly automounting. NIS , over the last few months has been rearing its notorious ugly head, and to be quite frank, i want to ditch it in favour of an all singing all dancing ldap server. But as much as i browse the web for solutions i am still left with some burning questions

1) Can I replace all NIS functionality (including automount) with an ldap solution, If so what would be better, openLdap or iPlanet. I would obviously lean toward a sun boxed soltion for our Sun network, but ease of setup, help/resources on the web and cost will be the determining factor.

2) I have searched the SUn website, and can find no documentation on iPlanet as a replacement for NIS, Subsequently, I dont know if this is a chargeable solution or if its bundled with one of my many solaris licenses. I also understand iPlanet is effectively a suite of stuff, but Which bit is the ldap server that I can replace NIS with ??.

3)what extra functionality can ldap provide over NIS, i have been told about the samba account integration, but is there anything else that would help me run my network with more ease.

4) Is ldap (whatever flavour) a secure and stable alternative to NIS


any help on these points would be greatly appreciated
 
Sort by date Sort by votes
NIS is about the worst solution as far as security goes. NIS+ is better but a pain to manage.
You have to go with LDAP, since most software and OS are now LDAP compatible which will aloow you to go slowly towards single sign-on.
What I would recommend is Iplanet Directory Server. It is free if you have less than 200,000 entries. Version 5.2 will be available soon and will allow synchronistation with MS AD. The client is already included with Solaris 8 and above.
Plus you get a nice java GUI to administer your accounts.
Hope this helps Too bad I.T. is not cash business

Luc Foata
Unix sysadmin, Oracle DBA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ziggy6
  • Locked
  • Question
Help using awk or some kind of Tool in Unix to Read a file, cut fields and write to a file
Replies
2
Views
397
mikrom
mikrom
ziggy6
  • Locked
  • Question
Trying to Install Openssl 1.1.1. on SCO 5.0.7
Replies
0
Views
344
ziggy6
ziggy6
mduddytel
  • Locked
  • Question
Unix Root inbox - how to clear
Replies
0
Views
315
mduddytel
mduddytel
paublo
  • Locked
  • Question
awk to sed equivalent
Replies
4
Views
121
paublo
paublo
1in10
  • Locked
  • Question
two dns entries, pre-configured router? how to, in bsd
Replies
0
Views
70
1in10
1in10

Part and Inventory Search

Sponsor

Back
Top