NIS / LDAP Question

Discussion topics, Linux related - not requests for help

Moderators: ChrisThornett, LXF moderators

NIS / LDAP Question

Postby gax7497 » Thu May 17, 2012 2:54 pm

Hey all!

Long time lurker, first time poster...

I was teaching Linux last night and we covered NIS and LDAP. Since I am not a system admin (other than for my own computers) I don't have much experience in this area. It seemed to me that the textbook was saying that NIS is older and Linux-only whereas LDAP is newer and can be used in a heterogeneous environment. The big red flag to me was when I saw that NIS doesn't have any encryption but LDAP does...

If the above is true... Is NIS used anywhere anymore aside from legacy systems? In the workplace, if a new system was being created, would LDAP be the best choice?

Any help you can offer is greatly appreciated!
Doc Brown

-- Here's to Life, Linux and the Pursuit of Happiness!
gax7497
 
Posts: 3
Joined: Thu May 17, 2012 2:47 pm
Location: Indianapolis, IN

Postby wyliecoyoteuk » Thu May 17, 2012 10:45 pm

AFAIK, they are just different.
NIS is for unix network authentication, LDAP is for directory based authentication.
LDAP is a common directory based sytem, and Active Directory (Microsoft) or NDIS (Novell) for example, are just different implementations.
The sig between the asterisks is so cool that only REALLY COOL people can even see it!

*************** ************
User avatar
wyliecoyoteuk
LXF regular
 
Posts: 3456
Joined: Sun Apr 10, 2005 10:41 pm
Location: Birmingham, UK

Postby dizwell » Sun May 20, 2012 7:09 am

It's definitely *not* the case that NIS is "Linux only": it was originally called 'yellow pages' and was invented by Sun. So it shipped with Solaris, at least. It was then ported to just about every Unix out there, including Linux.

It was invented long before LDAP, but could reasonably be seen much as Microsoft's Active Directory is: a proprietary implementation of a network directory service. Obviously, NIS is no longer proprietary, but it certainly started out as one company's way of dealing with distributed, replicated network authentication and identification.

LDAP is a more modern, standards-compliant way of achieving the same thing, but it is certainly a subtler, richer way of doing it -and does include encryption baked-in. NIS+ has built-in encryption but is trickier to get working than the original NIS.

I doubt anyone would plan on implementing NIS anymore, and NIS+ would likely also not be considered.
dizwell
 
Posts: 61
Joined: Tue Aug 02, 2005 11:05 pm


Return to Discussion

Who is online

Users browsing this forum: No registered users and 0 guests