HP UX LDAP-UX Integration Software manual Security Comparison between LDAP-UX and NIS+ NIS+ with

Page 13

Overview of NIS+ to LDAP Migration

Comparing Features and Security Between LDAP-UX and NIS+

•NIS+ can hide passwords from users and supports Trusted Mode to offer extensive password and account policies. But, the passwords are sent in clear text format over a network.

With LDAP support, passwords can be hidden from users. Passwords may also be hashed to protect passwords. The LDAP directory server supports UNIX-crypt, SHA, and SSHA hashing methods. Although SASL, Digest-MD5 protects passwords over a network during authentication, it requires passwords to be stored in clear text format in the directory server.

	Table 1-2 compares security between LDAP-UX and NIS+:
Table 1-2	Security Comparison between LDAP-UX and NIS+

		NIS+ with	LDAP-UX
	Security	NIS+ with	Coexisting with
	Security	Trusted Mode	Coexisting with
		Trusted Mode	Trusted Mode
			Trusted Mode

	last login reporting	yes	local accounts only

	auditing	yes	yes

	account expiration	yes	a

	administrative account lock	yes	a

	lock account due to max failed	yes	a
	logins

	option to disallow null passwords	yes	a

	auto-generated passwords	yes	a

	password history	yes	a

	boot authentication	local accounts only	local accounts only

	lock device due to max failed logins	yes	local accounts only

	time-of-day login restrictions	yes	a

	who last changed the password	yes	a

	long passwords	local accounts only	a

Chapter 1

7

Image 13

Contents Manufacturing Part Number J4269-90054 E0606 EditonLegal Notices Contents Glossary Index Publishing History Intended AudienceWhat’s in This document Command and Tool Reference Use this chapter toHP Encourages Your Comments Overview of NIS+ to Ldap Migration Overview Documentation References Overview of the LDAP-UX Integration Product Ldap Directory Server and LDAP-UX Client ServicesFeature Comparison Between Ldap and NIS+ Comparing Features and Security Between LDAP-UX and NIS+Security Comparison Between LDAP-UX and NIS+ Features Comparison between Ldap and NIS+Security Comparison between LDAP-UX and NIS+ NIS+ with Security Coexisting with Trusted ModeTrusted Mode Sharing Comparing Ldap and NIS+ InformationSimpliﬁed NIS+ Environment Simpliﬁed LDAP-UX Client Services Environment How LDAP-UX Client Services WorkComparing Ldap and NIS+ Information Sharing Ldap Administrator ‘s Tools Description LDAP-UX Client Administrator’s Tools Migration ScriptsNIS+ to Ldap Migration Tools Description Tool Description NIS+ to Ldap Migration ToolsOverview of NIS+ to Ldap Migration Before You Begin Migrating NIS+ to LdapBefore You Begin Summary of Migration Steps Migrating NIS+ Service Data to the Ldap ServerStep Migrating NIS+ Clients to LDAP-UX Client Services Installing Netscape Directory Server Installing and Conﬁguring Your Ldap Directory ServerConﬁguring Netscape Directory Server Installing the LDAP-UX Integration Product ONC EP/NCF Software Requirement Installing ONC EP/NCF Software and AutoFS 2.3 PatchSeptember AutoFS Patch Requirement Chapter Publickey Schema Publickey and Automount SchemasFollowing shows the new automount schema in the Ldif format Automount SchemaImporting Your NIS+ Data to Your Ldap Directory Server Steps to Import Your NIS+ Data into Your Directory Server and placed into a Ldif formatted ﬁle Importing Your NIS+ Data to Your Ldap Directory Server Migrateallnisplusonline.sh Enter the manager DN Conﬁguring LDAP-UX Client Services Automount files ldap Conﬁgure the LDAP-UX Client Services, see the Conﬁgure Conﬁguring LDAP-UX Client Services Verify LDAP-UX Client Services Ll /tmp Ls -l Verify LDAP-UX Client Services Chapter Syntax Ldappasswd CommandExamples Ldap Directory ToolsLdapentry Syntax LdapscopeExamples Ldapsearch Ldapmodify Ldapdelete NIS+ to Ldap Migration ScriptsMigrates groups Migrates all user General Syntax For Migration Scripts Environment VariablesNaming Context Default Naming ContextNIS+ Map Name Location in the Directory Tree NisMapName=mapname Non-standard mapa Migrating The Credential TableMigrating Most of Service Data Using One Script Migrating Individual Service Data Migrating User-Deﬁned Maps NIS+ to Ldap Migration Scripts NIS+ to Ldap Migration Scripts Following shows the nispautomap.ldif ﬁle NIS+ to Ldap Migration Scripts Chapter Ldap Data Interchange Format Ldif GlossaryNetwork Information Service Plus NIS+ Glossary Index Symbols

Related manuals

Manual 214 pages 54.35 Kb

Manual 26 pages 60.39 Kb