- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Nis plus and trusted systems
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2004 03:39 AM
03-01-2004 03:39 AM
I have a client that requires single sign on to multiple HPUX 11.0 servers. Currently we use NIS
They also require set password length, set password history and account lock out after 3 invalid password attempts.
Are there any security patches that will enable this (I seem to remember seeing something for 11i but not 11.0) ?
Would NIS plus and trusted systems be the best bet and if so what is the admin overhead ?
Or does anyone know of a third party product that provides single sign on and most of the functionality of trusted systems ?
Thanks
Dean
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2004 03:48 AM
03-01-2004 03:48 AM
SolutionNIS+ and trusted is a viable solution. As long as you are not one of those guys that have routines to edit passwd field directly via scripts, the conversion to trusted should be quite painless. The conversion to NIS+ requires a bit steeper learning curve and unfortunately in some ways your knowledge
of NIS may hurt you more than it helps --- it's that different. Conceptually they are similar but that is where the similarity ends.
The downside to NIS+ is that it is probably not a truly long-term solution. If I were you, I would take a hard look at LDAP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2004 05:48 AM
03-01-2004 05:48 AM
Re: Nis plus and trusted systems
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2004 08:18 PM
03-01-2004 08:18 PM
Re: Nis plus and trusted systems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2004 09:38 PM
03-01-2004 09:38 PM
Re: Nis plus and trusted systems
To follow up on your interest in LDAP, take a look at these links for starters:
LDAP-UX integration:
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4269AA
Netscape directory server (LDAP server):
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4258CA
OpenLDAP server:
http://www.openldap.org/doc/admin21/index.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2004 12:46 AM
03-23-2004 12:46 AM
Re: Nis plus and trusted systems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2004 01:56 AM
03-23-2004 01:56 AM
Re: Nis plus and trusted systems
You do not need to convert to a trusted system. That would probably make it more difficult. I have no experience with this though.
I've got systems running with LDAP and MC/SG, and have experienced no problems so far.
HTH,
Robert
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2004 02:33 AM
03-23-2004 02:33 AM
Re: Nis plus and trusted systems
Thanks for the quick response. Does LDAP (or the PAM plugin) provide "account lockout" after a configurable number of invalid login attempts ?
This is what I need to provide to the client along with single sign on capability - hence LDAP (for single sign on) and trusted systems (for the account lockout and other security features)
Regards
Dean
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2004 05:28 PM
03-23-2004 05:28 PM
Re: Nis plus and trusted systems
Yes, LDAP provides those things. They depend heavily on your implementation though, for instance: I know that the OpenLDAP server supports them, but the HP-UX ldap client doesn't AFAIK. Netscape directory service (iPlanet nowadays) might, I don't know.
Let us know what your conclusions are?
Cheers,
Robert