Network Information Services (NIS) enables you to create user accounts that can be shared across all systems on your network. The user account is created only on the NIS server. NIS clients download the necessary username and password data from the NIS server to verify each user login.
An advantage of NIS is that users need to change their passwords on the NIS server only, instead of every system on the network. This makes NIS popular in computer training labs, distributed software development projects or any other situation where groups of people have to share many different computers.
The disadvantages are that NIS doesn't encrypt the username and password information sent to the clients with each login and that all users have access to the encrypted passwords stored on the NIS server. A detailed analysis of NIS security is beyond the scope of this book, but I suggest that you restrict its use to highly secure networks or to networks where access to non-NIS networks is highly restricted.
The Lightweight Directory Access Protocol (LDAP) offers similar features to NIS but has the advantage of supporting encryption without additional software and can support clients across multiple networks without the need for slave servers. It is for this reason that LDAP has become increasingly popular for this type of application. LDAP is discussed in more detail in Chapter 31, "Centralized Logins Using LDAP and RADIUS".
Contents
- 1 Sponsors
- 2 Introduction
- 3 Scenario
- 4 Configuring The NFS Server
- 5 Configuring The NFS Client
- 6 Configuring The NIS Server
- 7 Adding New NIS Users
- 8 Configuring The NIS Client
- 9 NIS Slave Servers
- 10 Changing Your NIS Passwords
- 11 Considerations For A Non NFS Environment
- 12 NIS Troubleshooting
- 13 Conclusion
No comments:
Post a Comment