Hi, find my original question below. Got not so much answers, thanks to Srinivas Arella and Reginal Beavers for answering. Seems that we're doing something unusual, :-) But, we finally got it working: First of all, the NIS-Slave has to be part of the Windows-Domain, although it's a Solaris... And then, you have to distinguish between LOCAL Users on UNIX and NIS-Users... I thought Windows would update the /etc/password and /etc/shadow remotely, and then call /var/yp/make to rebuild the NIS-maps. (the documentation also says something like this). But, if the Unix-Host is just acting as a NIS-slave, this is unnecessary - Windows just updates the maps using yppush. Very complicated to get it working, especially due to the really small documentation. There are still some quirks, regarding deactivating/ deleting of users, changing timeouts etc., but I think we're on the right way. Maybe, I will write a little Howto when I'm ready, and post it to the list. Thanks again for answering, Harald > Hi Gurus, > > I hope this is not off-topic, but it really bothers me: > > I'm using NIS as authentication model on some of our Solaris hosts (Solaris > 2.6 and higher). > Everything's working fine, and now, I want to synchronize the NIS database > to our Active Directory system (It's a kind of an LDAP-Dir, running under > Microsoft Windows 2000). > There's a toolkit from Microsoft, called "Services for Unix". I've > downloaded the evaluation version, installed it, and it seems to work. I can > configure NIS-Clients to use the Windows-Box as their NIS-server, and when I > change the password on UNIX, it also gets changed on Windows, and vice > versa. > But, now the next step: > I want to setup a NIS-Slave-Server (let's call it Slave), and a > Windows-AD-Server (called Master). These two should stay synchronized, every > time a user is added on Windows, it should also be in the NIS-Database on > the slave server. Then, I'd like to setup another NIS-client, which should > only "see" the slave server. (The reason for this is that on Windows, you > have to inform the server about any added client - and, a special program > has to be run on the client's side, allwoing the password sync) > I got the first step running, the passwords are synchronized - but it seems > the Windows Box does not know anything about its slave (or, "subordinate > server", as Microsoft calls such a host) > Due to the (very small) documentation the Windows server should update the > slave's /etc/passwd and /etc/shadow, and run /var/yp/Makefile every time a > user is added in the Window's ActiveDir-DB. > This doesn't work, I just see error messages in /var/adm/messages, saying > the user is unknown... > > Anyone done this before? Or, does someone know where I can find a little > HowTo for this?? Unfortunately, Microsoft's documentation is not very useful > (as usual, :-) ) > > Thanks for your help, will summarize, > > Harald ============================================ Harald Husemann Systems Engineer Teammanager Unix Administration and Configuration Management Materna GmbH Vo_kuhle 37 D-44141 Dortmund/Germany Phone: +49-231-5599-8684 Mobile: +49-179-2300651 e-mail: harald.husemann@materna.de _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Wed Aug 14 03:59:05 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:52 EST