Many organizations' IT infrastructures are a mix of Windows, UNIX, and mainframe computers. Platform and application integration inevitably includes integrating core UNIX and Windows security services such as account management (i.e., the management of security principals' identities and attributes—and possibly user privileges) and authentication (i.e., the verification of security principals' identities). Late last year, Microsoft released Windows Services for UNIX (SFU) 3.0, a software suite that facilitates the integration of Windows and UNIX. SFU offers three features that help integrate Windows and UNIX security: Server for Network Information Service (NIS), User Name Mapping, and Password Synchronization.
Server for NIS
Server for NIS is an SFU service that lets Windows Server 2003 and Windows 2000 Server domain controllers (DCs) act as NIS master servers. NIS, which Sun Microsystems released in 1985, was one of the first UNIX-based distributed naming services and is still in use today despite its data-model, replication, and security deficiencies. (The NIS data model can't be extended easily and NIS can't use incremental replication, but NIS's biggest deficiency is its complete lack of security. NIS doesn't authenticate users and transmits data in the clear, and NIS updates can be spoofed.) . . .
Register
