Questions about using IDMU and Services for NIS for Linux authentication

January 24, 2008

We are trying to create a single point of authentication for our

heterogeneous Linux/Windows environment. I have set up a Windows 2003

R2 server as a main AD server and installed the Identity Management for

Unix subsystem. Do I also need to install any other services, or does

choosing IDMU automatically install all the necessary subservices (RPC

port mapper, etc.) that are required for allowing Linux/Unix hosts to

authenticate to the AD server acting as an NIS Master?

Also, in order for the Linux machines to properly authenticate off the

Windows NIS Master server, does the Linux machine need to be configured

to do so using Kerberos?

January 26, 2008

Re: Questions about using IDMU and Services for NIS for Linuxauthentication

Re: Questions about using IDMU and Services for NIS for Linuxauthentication

Selecting IdMU installs all the required components.

You now need to enable "AD to NIS password Sync" in Password

Synchronization properties, populate the UNIX Attributes for accounts,

change the passwords once for those users and then configure your UNIX

systems to become NIS clients. Kerberos configuration is not needed to

be able to authentication against R2 NIS servers.

- Ashish

January 26, 2008

Re: Questions about using IDMU and Services for NIS for Linuxauthentication

Re: Questions about using IDMU and Services for NIS for Linuxauthentication

That configuration option was the missing piece for me.

Thank you, Ashish.

Rob

Ashish wrote:

> Selecting IdMU installs all the required components.

>

> You now need to enable "AD to NIS password Sync" in Password

> Synchronization properties, populate the UNIX Attributes for accounts,

> change the passwords once for those users and then configure your UNIX

> systems to become NIS clients. Kerberos configuration is not needed to

> be able to authentication against R2 NIS servers.

>

> - Ashish

Recommended Posts