Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Microsoft

Windows Authenticating to NIS Servers? 5

Posted by Cliff from the getting-billboxen-to-play-nice-with-others dept.
Nericus asks: "I'm in the process of linking four separate networks via VPN. Each has its own little DNS sub-domain (lazy, quake, sector13 and overkill) with each possessing its own little branch of resources, here's the problem. I'm looking for a way to authenticate to a server (NIS) in each domain so the owners can have access control to the various resources. The problem lies in the fact that a decent chunk of the machines are running Windows 95, 98 or 2k (no flames, please) and I can't find a simple (re: cheap/free) method of authenticating Windows to a NIS server, M$ seems to think that Unix boxes should authenticate to a Windows box that'll emulate a NIS server, but won't authenticate TO one without third party software. Any suggestions would be greatly appreciated (P.S. Yes, I've considered having them authenticate to Samba, but that's a less than elegant solution from what I can tell) "
This discussion has been archived. No new comments can be posted.

Windows Authenticating to NIS Servers? More

Windows Authenticating to NIS Servers?

Comments Filter:

  • Hi. We have spent the last four and half years working on a system that allows you to manage directory information in a central database, which will propagate network information into various directories (NIS, DNS, LDAP, Samba, Windows NT) when changes are made. Since it's all open source and scriptable, you can tie just about anything you want into your directory services.

    See my .sig for a link to Ganymede. We haven't ut out a release for nearly six months, but we've been busy working on it, and 1.0pre1 will be coming out within a couple of weeks with a whole heck of a lot of new features, performance improvements, and bug fixes.

  • awhile back we were looking into a product called p-sync that would syncronize nis/nis+ and nt domain passwords. p-sync would act as a interim authenticating agent between the two systems, a handshake system if you will, passing the info to the final authenticators(s)without user intervention. i think the company was mustang terch out of alberta,ca.
  • Admittedly, this is a longshot without any research backing it up (yet) but how about setting up Samba on the NIS server, or something similar, and using it like an NT domain controller? Wouldn't Samba use the NIS databases to authenticate the users?
  • I can't help you with NIS-to-SMB/NMB/SAM Database integration (between an NT Server and a NIS Server) -- you'll probably need to use Microsoft's NIS Server for WinNT or Samba on UNIX.

    Windows95 used to include the Sun PC-NFS client that might do what you're asking, but I'm not sure (as the last time I used Windows95 was several months ago and I don't have a test system to mess with).

    If you're just trying to get Windows (NT) to log into an NIS domain, you can have a look at NISGINA. There's a neat article at LinuxWorld here [linuxworld.com]. I poked around with this before I discovered Samba, but never really tested is. NISGINA's hopme page is here [qmw.ac.uk]. NISGINA (and it's subsidiary utilities) come with source, too (which is nice).

    Sun (I think..) also makes an NIS/NFS client for Win32 -- there's a technical run-through here [ucsb.edu]. It's called the Solstice NFS Client for Windows and it probably doesn't come cheap.

    Now, if anywone knows where I can get a cheap/free Macintosh NIS/NFS client... (and yes, I know about Netatalk, but I'd like to try anyways)

  • Get a replacement GINA.dll (Score:3)

    by Bazzargh ( 39195 ) on Tuesday May 30, 2000 @01:59AM (#1038734)
    Theres been quite a few attempts at integrating NT and NIS security (check out the Samba mailing lists, or the comp.protocols.smb archive on Deja). The client side techniques concentrate on replacing the authentication DLL in NT (eg with 'nisgina'), for example:

    http://www.arch.usyd.edu.au/~doug/gina.html

    See this article for more info:
    http://www.linuxworld.com/linuxworld/lw-1999-11/ lw-11-integration_p.html

    The only server side alternate I know of is to use Samba as a PDC, not supported in any stable release. Theres discussions of this in (IIRC) the samba-technical mail archives.
    http://www.samba.org/

    Clearly server side fixes are preferable due to rollout costs but they aren't there yet. No -let me correct myself. Clearly MS writing an interoperable security system is preferable but they choose not to.

    I looked at this a couple of years ago for our network (mixed solaris, 98, 95, NT), the Samba PDC wasnt reliable enough and altering the client PC's wasnt an option; so sorry I can't help more. Best of luck -

    -Baz

Slashdot Top Deals

Your files are now being encrypted and thrown into the bit bucket. EOF

Close