How HP-UX and Windows 2000 Products Integrate

There are two approaches to integrate HP-UX account managemant and authentication with Windows 2000:

NIS

LDAP

NIS Integration:

Windows 2000 as NIS Server + HP-UX as NIS Client + HP-UX PAM_Kerberos

Server for NIS is one of the SFU 2.0 tools, which enables Windows 2000 to serve as an NIS server. It utilizes AD to store user account and group information. An NIS client on HP-UX communicates with the NIS server on Windows 2000 to retrieve information from AD. The PAM Kerberos product on HP-UX uses Windows 2000 Kerberos Services to authenticate users who want to log into HP-UX machines. Although PAM_UNIX can authenticate users stored in an NIS server, it is not a good choice for this integration, because PAM_UNIX mainly retrieves user account information from the server, then authenticates users on the client machine, which doesn’t have the benefit of common authentication. The following figure illustrates the integration between two NIS platforms.

NIS:

HP-UX Client

getpwnam()

NSS engine

NSS_NIS

Windows 2000 Server

NIS protocol

Server for NIS

 

 

Active

 

 

 

 

(SFU 2.0)

 

 

Directory

 

 

 

 

 

 

 

 

7

Page 7
Image 7
HP UX LDAP-UX Integration Software manual How HP-UX and Windows 2000 Products Integrate, NIS Integration, HP-UX Client