Steps to configure Password Sync with NIS (Windows -> Unix)

1. Make your Windows box a domain controller. Install "Identity Management for UNIX" (Server for NIS and Password Sync). To install this component, the user needs to be a member of the Schema Admin/Domain Admin and Enterprise Admin groups.

2. Reboot the box

3. In Active Directory, the values for the Unix-related attributes need to be populated. (Use the user's Unix Attributes tab or the NIS migration wizard to perform this step.)

4. Configure the Unix box as a client for this Windows NIS master. The steps for configuring Linux are given below.

5. On the Windows box: open IDMU – Password Sync – Properties

a) Check the option “Windows to Computer that runs on Unix”

b) Port number: 6677

c) Generate a new encryption key as highlighted below

[Screenshot: pass1]

6. Then go to the Configuration tab

a) Check the option “Enable extensive logging”

b) Check the option “Enable Windows to NIS (AD) Password Sync”

[Screenshot: pass2]

Changes on the Unix box (in this example, Linux is the Unix client)

Edit /etc/sysconfig/network:

NISDOMAIN=<domain name>

Edit /etc/yp.conf:

domain <domain name> server ip.of.master.server

Edit /etc/hosts:

ip.of.master.server hostname.domain hostname

Set NIS domain-name:

client# domainname <domain name>

client# ypdomainname <domain name>

Edit /etc/nsswitch.conf:

passwd: files nis

shadow: files nis

group: files nis

The /etc/hosts.allow file will need rules allowing access from localhost and the NIS master server.

Start ypbind service:

client# /sbin/service ypbind stop

client# /sbin/service ypbind start

Or

client# service ypbind start

client# chkconfig ypbind on

Test it out:

client# rpcinfo -u localhost ypbind

client# ypcat passwd

client# ypwhich
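
The client files edited above have to agree with one another before ypbind will bind: the NIS domain in /etc/sysconfig/network and /etc/yp.conf must match, the master named in yp.conf must be listed in /etc/hosts, and nsswitch.conf must list nis after files. The script below is an added example, not part of the original steps; the function names check_nis_client and make_demo_tree, the ROOT prefix argument and the sample domain, IP and host names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: cross-check the NIS client files edited in the steps above.
# check_nis_client ROOT -> prints each problem, returns the problem count.
# ROOT is a directory prefix (hypothetical helper; "" means the live system).
check_nis_client() {
    root=$1; problems=0
    fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }
    for f in sysconfig/network yp.conf hosts nsswitch.conf; do
        [ -r "$root/etc/$f" ] || { fail "/etc/$f is missing or unreadable"; return "$problems"; }
    done
    # NISDOMAIN= in /etc/sysconfig/network must match "domain <name>" in yp.conf
    nisdom=$(sed -n 's/^NISDOMAIN=//p' "$root/etc/sysconfig/network" | head -n 1)
    ypdom=$(awk '$1 == "domain" && $3 == "server" { print $2; exit }' "$root/etc/yp.conf")
    ypserver=$(awk '$1 == "domain" && $3 == "server" { print $4; exit }' "$root/etc/yp.conf")
    [ -n "$nisdom" ] || fail "NISDOMAIN is not set in /etc/sysconfig/network"
    [ -n "$ypdom" ] || fail "no 'domain <name> server <host>' line in /etc/yp.conf"
    [ "$ypdom" = "$nisdom" ] || fail "yp.conf domain '$ypdom' != NISDOMAIN '$nisdom'"
    # The master named in yp.conf must appear on a non-comment line of /etc/hosts
    awk -v s="$ypserver" '!/^#/ { for (i = 1; i <= NF; i++) if ($i == s) ok = 1 }
        END { exit !ok }' "$root/etc/hosts" || fail "server '$ypserver' is not in /etc/hosts"
    # passwd, shadow and group must be looked up in files first, then NIS
    for db in passwd shadow group; do
        grep -Eq "^$db:[[:space:]]*files[[:space:]]+nis([[:space:]]|\$)" \
            "$root/etc/nsswitch.conf" || fail "nsswitch.conf: $db is not 'files nis'"
    done
    return "$problems"
}

# Constructed sample tree (domain, IP and host names are made-up test values).
make_demo_tree() {
    mkdir -p "$1/etc/sysconfig"
    echo 'NISDOMAIN=example.lab' > "$1/etc/sysconfig/network"
    echo 'domain example.lab server 192.0.2.10' > "$1/etc/yp.conf"
    echo '192.0.2.10 nismaster.example.lab nismaster' > "$1/etc/hosts"
    printf 'passwd: files nis\nshadow: files nis\ngroup: files nis\n' > "$1/etc/nsswitch.conf"
}

demo=$(mktemp -d)
make_demo_tree "$demo"
check_nis_client "$demo" && echo "NIS client files are consistent"
rm -rf "$demo"
```

On a real client, call check_nis_client "" to read the files under /etc directly.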