> It appears from looking through the archives that it's practically
> impossible to set up a Tru64 C2 system as an NIS master and have,
> say, Solaris and Linux systems participate in the domain. Is this
> reading correct?
>
> If that's not correct, and such a mix of systems does work, how do
> things like password expiration get communicated? Can users change
> passwords from these non-Tru64 clients, especially with long
> passwords, triviality checks and similar features? It seems
> unlikely.
That is correct. One may serve the plain passwd map to clients but
there are no standards in place to allow sharing of the prpasswd or
shadow passwords, or otherwise allow multiple vendors to do C2 together
via NIS. There doesn't appear to be much progress in that direction,
either.
Several alternatives were suggested, including using LDAP with SSL,
keeping separate enhanced password files on the different platforms,
finding/writing another NIS package, and using Samba's smbpasswd via a
"password chat" script.
Kerberos is looking like an attractive alternative, despite the pain to
get it set up.
Thanks to the following for their quick, informative replies:
Ken Kleiner <ken_at_cs.uml.edu>
Ann Majeske <Ann.Majeske_at_Compaq.com>
Rochelle Lauer <LAUER_at_hepvms.physics.yale.edu>
Rick Greene <GREENER_at_labs.wyeth.com>
Uwe Richter <ur_at_minet.uni-jena.de>
Regis.Carlier_at_univ-valenciennes.fr
Tom Webster <webster_at_SSDPDC.LGB.CAL.BOEING.COM>
Regards,
Wayne
Received on Thu May 24 2001 - 23:23:34 NZST