Windows Services for Unix: There's No Place Like /home - Page 2

By Carla Schroder | Posted Jul 14, 2004
Page 2 of 2   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Continued From Page 1

Active Directory Integration
Server for NIS stores NIS objects in the Active Directory, which integrates UNIX users, groups, and hosts into their Windows-based equivalents. Thus, UNIX users and groups are administered in an identical manner to Windows users and groups. NIS data can be managed by using Active Directory tools such as the Users and Computers snap-in. Plus, any users common to both UNIX and Windows networks can be represented uniquely in Active Directory.

SFU includes bidirectional Windows-to-UNIX and UNIX-to-Windows password synchronization that supports both local and domain account Windows password synchronization. Domain account synchronization requires that Password Synchronization be installed on Windows 2000 or Windows Server 2003 domain controllers. Password change requests are sent to only those computers or users that administrators select. For UNIX-to-Windows synchronization, the ssod.conf file controls the password synchronization behavior. Configuration of the Windows-to-UNIX synchronization uses the SFU Administration snap-in.

You can escape all this synchronization fun by implementing true single sign-on: migrate your UNIX NIS users into Active Directory, and disable your UNIX NIS servers. Microsoft provides some Korn scripts to do this, though be warned, you’ll probably still have a lot of manual tweaking to do. File permissions operate differently in UNIX and Windows. Also, UNIX is case-sensitive; Windows is not, so file and usernames present a potential case nightmare. And users that have multiple accounts will really increase the fun factor.

Adding SFU to an existing Windows network might be just the tool you need to integrate your UNIX users and resources. However, don’t assume it works by magic — you’re going to need UNIX knowledge to make it all work right, and not be a wide-open, insecure mess. Visit Windows Services for UNIX to find documentation and howtos.

Resources


Shuying Wang is a soon-to-be computer engineering graduate of the University of New South Wales, Australia. In another life, she was a system administrator and programmer at Iman International. She lives with 3 computers that run Linux, Mac OS X and M$ Windows and can be contacted at shuying@techpiles.org

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter