HPE Community
Operating System - HP-UX
1830935 Members
2470 Online
110017 Solutions
New Discussion

Password/userid synchronisation

 
Frode Vold
Occasional Advisor

‎11-01-2000 06:22 AM

‎11-01-2000 06:22 AM

Password/userid synchronisation

I am working in a company situated in about 40 different locations. Many of our users have userid on several of these machines (hpux (10.20 and some 11.0) on every location + 1 NT server (1 domain)).
In some cases the users have many different passwords to remember + it gives us unnecessary support.
Is there any tools that uses the NT-user password to synchronise the /etc/passwd on hpux servers, or vice versa ?
(+ maybe automatical creation of the home area on these hpux servers)

0 Kudos
Reply
12 REPLIES 12
Lasse Knudsen
Esteemed Contributor

‎11-01-2000 06:41 AM

‎11-01-2000 06:41 AM

Re: Password/userid synchronisation

Hi,

It is not possible to "syncronize" the the passwords between the systems (both uses one-way encryptions schemes and are not combatible).

You could however authenticate you users towards the NT-server (so they use the NT-password as their Unix password)

You need a NTLM Pam module and I think it is only available on 11.00 - look for it on http://www.software.hp.com, I do not recall if it is included with the CIFS9000 product (also available on that site)
In a world without fences - who needs Gates ?
0 Kudos
Reply
Victor BERRIDGE
Honored Contributor

‎11-01-2000 06:45 AM

‎11-01-2000 06:45 AM

Re: Password/userid synchronisation

Could you consider using NIS or NIS+?
This would solve your unix part problem

Just thoughts...
Best regards
Victor
0 Kudos
Reply
Frode Vold
Occasional Advisor

‎11-01-2000 06:51 AM

‎11-01-2000 06:51 AM

Re: Password/userid synchronisation

Hi
To Victor: As far as i know NIS does not support sync. over WAN ??
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎11-01-2000 07:11 AM

‎11-01-2000 07:11 AM

Re: Password/userid synchronisation

As far as I have heard, are the algorithms that do the cryptography on Unix an Win32 disparate. :-(

The only way out I could think of would be to write one's own wrapper script/prog that reads plaintext passwords from user input and does the encryption for each system separately.

You could probably use Perl to do this.
The encryption for the Unix part is straight forward with Perl's standard crypt function.
Consult the example in the POD ("perldoc -f crypt").
For the Windoze part there are Win32 modules in the CPAN that give you a handle.
Have a look at the POD of Win32::NetAdmin or alternatevly Win32::Lanman.

HTH
Madness, thy name is system administration
0 Kudos
Reply
Alan Riggs
Honored Contributor

‎11-01-2000 07:49 AM

‎11-01-2000 07:49 AM

Re: Password/userid synchronisation

re: NIS

You can certainly have a domain that spans a WAN, but you do require a slave server in each subnet.
0 Kudos
Reply
Victor BERRIDGE
Honored Contributor

‎11-01-2000 08:26 AM

‎11-01-2000 08:26 AM

Re: Password/userid synchronisation

Here we have a dept that has different networks (subnets) in geagraphicaly different sites that use NIS with 2 nis servers...
0 Kudos
Reply
MARTINACHE
Respected Contributor

‎11-01-2000 12:14 PM

‎11-01-2000 12:14 PM

Re: Password/userid synchronisation

If you have 10.20 and 11.00 servers, you can only install NIS.
NIS+ is only supported on HPUX 11.00

Good luck,
Patrice.
Patrice MARTINACHE
0 Kudos
Reply
Rick Garland
Honored Contributor

‎11-01-2000 12:18 PM

‎11-01-2000 12:18 PM

Re: Password/userid synchronisation

NIS and SAMBA (CIFS/9000) are valid options.
0 Kudos
Reply
Rick Garland
Honored Contributor

‎11-01-2000 12:19 PM

‎11-01-2000 12:19 PM

Re: Password/userid synchronisation

NIS and SAMBA (CIFS/9000) are valid options.
0 Kudos
Reply
John Eaton
Frequent Advisor

‎11-01-2000 01:20 PM

‎11-01-2000 01:20 PM

Re: Password/userid synchronisation

The reply regarding PAM on 11.0 only is correct, as is 11.00 only for NIS+, and if by chance your using TCB on 10.20, NIS does not work. Does not leave much to work with.
We reviewed a number of 3rd party software packages, and found 1 that looks like a solution for us... MC/SG on 10.20 using TCB, Novell, and NT 4.0. The package is Blockade Password Sync. Real simple to implement and use. Supports password changes in any direction. Company is Blockade Systems, Inc., phone 631-499-0543.
0 Kudos
Reply
jeffrey groff
Occasional Advisor

‎11-02-2000 05:20 AM

‎11-02-2000 05:20 AM

Re: Password/userid synchronisation

I'm facing exactly the same problem and I've been doing a bit of research and found Windows Services for Unix on the Microsoft website (http://www.microsoft.com/windows2000/sfu/psync.asp). I've read the documentation and it seems like this would be a good solution. However, I have yet to obtain and test the software.

0 Kudos
Reply
Barry O Flanagan
Respected Contributor

‎03-14-2001 04:02 AM

‎03-14-2001 04:02 AM

Re: Password/userid synchronisation

Have you considered using LDAP? LDAP-UX might be what you're looking for.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.