UNIX & NT4.0 Domains

[Tybak]

Solaris 8 and 9
2000 Servers w/LDAP(iPlanet installed)
2 NT 4.0 domains


I am new to UNIX but very experienced with NT 4.0/2000. I am working with a initial install of LDAP. I have never installed UNIX(Solaris, Linux, nor AIX).

I have a NT4.0 domain called TEST with a NT Testbox setup in that domain. I have another domain called MYCOMP.COM. The UNIX box was built in the MYCOMP.COM domain. I would like to connect to it and test some changes from the TEST domain. I can ping it...telnet to it.

Do domains mean anything in the UNIX world?
Do I have to make any config. changes?


Thanks in advance,
T

 

[SamBones]

An NT "domain" and a unix "domain" are completely different animals existing for completely different purposes.

In unix, the domain MYCOMP.COM that you set your machine up in is part of the Domain Name System (DNS). This is used for locating machines with a name in a hierarchical naming system. This keeps you from having to memorize IP addresses. If you've ever pointed a browser at [ignore]

http://www.google.com

or www.amazon.com[/ignore] you've used a DNS domain name. The names and IP addresses are served by DNS nameservers. These are what return an IP address when you give them a name (i.e. "[ignore]nslookup www.ebay.com"[/ignore]). On Solaris, look in the file [tt]/etc/resolv.conf[/tt] to see which DNS nameservers you are using. DNS has nothing to do with authentication, only name resolution.

An NT domain is used for authenticating resources, mostly users, on machines that are members of that domain (or have a trust with the domain). It's what lets you log on. The NT domain itself is a database being served to the network by a Domain Controller (PDC). This database holds user ingformation including their password and other rights and privileges they hold. It also holds information about different machines and other resources that are members of the domain. When someone logs into a PC that's a member of an NT domain, the PC contacts the domain controller and confirms that this user is allowed (user id exists, not expired, password correct, etc), and what their level of authority is on that machine. It can also optionally run login scripts on their behalf and send them their profile. NT domain authentication usually uses WINS or NETBIOS names for name resolution.

The NT domain actually controls who can log on to what, and what they can do when logged on there. The DNS domain is just a naming system that simplifies locating resources on a network.

At least this is the way I understand it.

Hope this helps.

 

[needcoffee]

Tybak,

You can log into the unix servers from any machine on the TEST or MYCOMP.COM domains if you can communicate between domains already. The easiest way log into the Solaris server from a NT or other Win box is to run telnet solarisipaddress and use the user account you set up during installation. If you have not installed the OS yet, you will need to work from the server console (just like NT and Win2k). Telnet is an unsecure transport so I would consider installing SSH, check out

http://www.openssh.org

for solaris specific info. In unix /? or help is replaced by man, i.e. man telnet would display the help file on telnet. Welcome to the wonderful world fo Unix.

Where did I put my mug...
needcoffee