Recipe 18.10 Replacing NIS

18.10.1 Problem

You want to replace all or part of your NIS infrastructure with Active Directory. NIS serves many of the same functions as Active Directory and you can reduce costs by integrating both infrastructures.

18.10.2 Solution

The Microsoft Services for Unix (SFU) suite provides numerous tools that can aid in integrating your Unix and Windows systems. SFU has a NIS server that can be used as a replacement for existing NIS servers and uses Active Directory as its data store. SFU comes with a set of schema extensions that the NIS server uses to structure the user, group, and host information that NIS clients require. SFU also includes a NFS server and client software if you are trying to interoperate with NFS. All of the SFU software runs on Windows operating systems. More information on SFU can be found on the following site:

If you'd rather not use SFU, another option is the NIS/LDAP Gateway from PADL Software ( The PADL NIS/LDAP Gateway utilizes the SFU schema extensions to provide NIS services with an Active Directory backend. NIS clients can use the gateway to resolve user, group, and host information and works with SunONE Directory Server as well as Active Directory. The NIS/LDAP Gateway is supported on a host of Unix-based platforms including Solaris, FreeBSD, and Linux.

18.10.3 See Also

LDAP System Administration (O'Reilly), MS KB 324083 (HOW TO: Install Server for NIS on Windows for Unix-to-Windows Migration), MS KB 324541 (HOW TO: Configure Server for NIS for a Unix-to-Windows Migration), and MS KB 324543 (HOW TO: Migrate Existing NIS Maps to Server for NIS in a Unix-to-Windows Migration)

    Chapter 3. Domain Controllers, Global Catalogs, and FSMOs
    Chapter 6. Users
    Appendix A. Tool List