Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris - Moving off NIS to something better
Operating Systems Solaris Solaris - Moving off NIS to something better Post 303010834 by jlliagre on Monday 8th of January 2018 07:19:18 AM
Old 01-08-2018
Yes, still running Solaris 8 (end of extended support 2012) and 9 servers (end of extended support 2014) means security is not a top priority in your shop.

Moving to LDAP is definitely the recommended way to provide secure distributed authentication but that's not something you do overnight.

Is your environment only using Solaris or also other Unix/Linux OSes?

Do you already have an ldap service somewhere? Does it already contains entries for your unix users?

Do you require a commercially supported solution?
Last edited by jlliagre; 01-08-2018 at 08:29 AM..
This User Gave Thanks to jlliagre For This Post:
psychocandy
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Solaris NIS+ and RedHat NIS+

Hello all, I'm not sure if this is the right forum, but I would like to know if Redhat running NIS ( not NIS +) would have conflict with Solaris running NIS+. Currently I am running NIS+ on Solaris but will be adding RedHat to the network. I seem to be unable to find and information regarding... (2 Replies)
Discussion started by: larry
2 Replies

2. UNIX for Dummies Questions & Answers

linux redhat and solaris NIS+

Hello all, I am wondering if anyone had success with installing a redhat linux (PC box) on a Solaris NIS+ network. I have gotten information on how to do this but have been unsuccessful. The information that I have gotten is a little out dated and is not 100%. ... (0 Replies)
Discussion started by: larry
0 Replies

3. UNIX for Advanced & Expert Users

Moving NIS master to new machine

I am running a DNS/NIS server on and older 2.6 system. I would like to move it to a newer system running Sol9. I have not found a good HOWTO and was looking for some advice. Thanks in advance. Dave (4 Replies)
Discussion started by: dlalonde
4 Replies

4. Solaris

Solaris 10 NIS Client

Hi all, Recently i have implemented NIS functionality in solaris 10 and i have created server and client with user in server side by giving useradd -d /export/home/user1 -m -s /bin/sh user1 after that I went to /var/yp dir and give /usr/ccs/bin/make so that it will refelect to client... (2 Replies)
Discussion started by: esungoe
2 Replies

5. Solaris

How to do the Loadbalancing on NIS Server in Solaris 10 sparc

We set-up master/slave servers for NIS on Solaris10 Sparc. We are trying to synchronize them in such a way that if one server is down then other server would pick-up and also do load balancing. We are stuck on this part. Do you have any documentation or point to the documentation where we get some... (1 Reply)
Discussion started by: anandp14
1 Replies

6. Solaris

Nis startup in Solaris 8

Hello How can I check to see when nis server is starting? I look at /etc/rc2.d/ but I don't see it in there. Every time we have power outage problem. I have to start autof service manual. So I think it might have to do with nis server services. (1 Reply)
Discussion started by: congngo
1 Replies

7. Solaris

Solaris 10 NIS client configuration

Hi, I have a Solaris 10 machine and trying to connect it to a Linux NIS Server. Up till now I have set up NIS so that it does find the NIS server and gets the user list. Automounter also mounts some directories from an NFS server. However, I can't get it to map the shadow passwords (they... (4 Replies)
Discussion started by: dop
4 Replies

8. UNIX for Advanced & Expert Users

Move NIS Server Solaris 10 to CentOS7

Hi, I hope somebody can help me. I wand to Move my NIS server on Solaris 10 (there are 2 Slaves on Linux) to CentOS7. Do you have any procedures or experience to do this? Thanking in anticipation! (2 Replies)
Discussion started by: Penguin99
2 Replies

9. Solaris

Ssh onto Solaris servers (which uses NIS)

Sys admin has provided me username and password and advised that solaris uses nis (and then I've been given hostnames). I've downloaded putty but it gives me authentication failure. Nothing special I have to do if its NIS authentication? (1 Reply)
Discussion started by: psychocandy
1 Replies

10. Solaris

Deleting NIS user Solaris 8

ypcat passwd | grep "user" - shows the user userdel "user" says "user does not exist" What am I doing wrong? (1 Reply)
Discussion started by: psychocandy
1 Replies

LEARN ABOUT OPENDARWIN

ldapwhoami

LDAPWHOAMI(1)						      General Commands Manual						     LDAPWHOAMI(1)

NAME

       ldapwhoami - LDAP who am i? tool

SYNOPSIS

       ldapwhoami  [-n]  [-v] [-z] [-d debuglevel] [-D binddn] [-W] [-w passwd] [-y passwdfile] [-H ldapuri] [-h ldaphost] [-p ldapport] [-O secu-
       rity-properties] [-I] [-Q] [-U authcid] [-R realm] [-x] [-X authzid] [-Y mech] [-Z[Z]]

DESCRIPTION

       ldapwhoami implements the LDAP "Who Am I?" extended operation.

       ldapwhoami opens a connection to an LDAP server, binds, and performs a whoami operation.

OPTIONS

       -n     Show what would be done, but don't actually perform the whoami operation.  Useful for debugging in conjunction with -v.

       -v     Run in verbose mode, with many diagnostics written to standard output.

       -d debuglevel
	      Set the LDAP debugging level to debuglevel.  ldapcompare must be compiled with LDAP_DEBUG  defined  for  this  option  to  have  any
	      effect.

       -x     Use simple authentication instead of SASL.

       -D binddn
	      Use the Distinguished Name binddn to bind to the LDAP directory.

       -W     Prompt for simple authentication.  This is used instead of specifying the password on the command line.

       -w passwd
	      Use passwd as the password for simple authentication.

       -y passwdfile
	      Use complete contents of passwdfile as the password for simple authentication.

       -H ldapuri
	      Specify URI(s) referring to the ldap server(s).

       -h ldaphost
	      Specify an alternate host on which the ldap server is running.  Deprecated in favor of -H.

       -p ldapport
	      Specify an alternate TCP port where the ldap server is listening.  Deprecated in favor of -H.

       -P 2|3 Specify the LDAP protocol version to use.

       -O security-properties
	      Specify SASL security properties.

       -I     Enable SASL Interactive mode.  Always prompt.  Default is to prompt only as needed.

       -Q     Enable SASL Quiet mode.  Never prompt.

       -U authcid
	      Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used.

       -R realm
	      Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used.

       -X authzid
	      Specify  the  requested  authorization  ID  for SASL bind.  authzid must be one of the following formats: dn:<distinguished name> or
	      u:<username>

       -Y mech
	      Specify the SASL mechanism to be used for authentication. If it's not specified, the program will  choose  the  best  mechanism  the
	      server knows.

       -Z[Z]  Issue  StartTLS (Transport Layer Security) extended operation. If you use -ZZ, the command will require the operation to be success-
	      ful.

EXAMPLE

	   ldapwhoami -x -D "cn=Manager,dc=example,dc=com" -W

SEE ALSO

       ldap.conf(5), ldap(3), ldap_extended_s(3)

AUTHOR

       The OpenLDAP Project <http://www.openldap.org/>

ACKNOWLEDGEMENTS

       OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).  OpenLDAP is derived from University  of  Michigan
       LDAP 3.3 Release.

OpenLDAP 2.1.X							    RELEASEDATE 						     LDAPWHOAMI(1)
All times are GMT -4. The time now is 10:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy