[NTLUG:Discuss] NIS capabilities? - noobie
Chris Cox
cjcox at acm.org
Fri Apr 10 09:52:37 CDT 2009
On Fri, 2009-04-10 at 19:15 +0530, namit.bhalla at wipro.com wrote:
...
> Thanks Chris for the detailed answer.
> That actually leads me to the next question - in *ix world, what do we
> have
> that is analogous to AD in Windows? [perhaps I am going off-topic here].
> That is, how can an admin enforce policies across an enterprise?
> I would imagine a server component that responds to LDAP requests and an
>
> LDAP client. Is that correct?
Yes... LDAP comes closest. But the combination of LDAP plus
kerberos is probably the closest actually.
And no... that DOES NOT get you some kind of policy enforcement.
Again, just like NIS, you have a database (LDAP... which is more
flexible than NIS tables) and an authentication piece (kerberos).
The rest is up to you.
I do recommend PAM as far as attempting to set some policies....
but it's really not analogous to AD... Windows isn't *ix... and
a lot of AD is there because Windows isn't *ix.
Short answer... it's different. The idea of typical AD
policy enforcement may not even apply.
More information about the Discuss
mailing list