NIS is used on Unix networks to keep important system files, such as the password file, synchronized among a group of servers. Remember that on Unix systems, each server has a password file, a user group file, and other important files that are managed locally on each server by default. This is similar to using a Windows computer in a standalone manner where each Windows computer has its own user account database. NIS uses a database of maps that contain entries for the files the system administrator chooses to keep synchronized. For redundancy purposes, a master NIS server can be used along with slave NIS servers that receive updates from the master server. SFU version 3.0 contains a component that can be used to allow a Windows 2000/2003 domain controller to operate as a NIS server. The Windows server can operate as either a master or slave NIS server. However, if it is to operate as a slave server, the master NIS server on the network must also be a Windows server. This is due to the way NIS is implemented in Windows 2000/2003: The information that Unix NIS servers store in a map database is stored in the Active Directory. The Active Directory schema is extended to include a class for each NIS map. Then objects are created based on this class for each map entry. NIS uses its own protocol to send updates from a master NIS server to slave servers. The Active Directory, on the other hand, has its own method for replication information to other Active Directory replicas. The two methods are not compatible. That's the reason why a Windows domain controller cannot be made a slave NIS server to a Unix master NIS server. However, Microsoft does provide support for the NIS protocol so that Unix systems can become slaves to a Windows 2000 master NIS server! So, if you decide to integrate NIS into the Windows 2000 portion of your network, you'll have to make a Windows domain controller the master NIS server. The advantages of using NIS should be obvious. On Unix networks, NIS relieves the administrator of having to manually coordinate important system files on multiple servers. By incorporating the SFU NIS server into the network on a Windows domain controller, you can use the tools designed around the Active Directory to manage not only your Windows users but also users on your Unix systems. Another advantage to using a Windows-based NIS server is that the Active Directory is a hierarchical database, whereas the NIS database format is a flat namespace. You can place NIS maps into any container in the Active Directory, such as an organizational unit (OU). You can probably figure out from this that you can support multiple NIS domains in the same Active Directory database. |