We've implemented an LDAP to NIS solution and have begun transitioning some systems to native LDAP binding for authentication and automount maps. Unfortunately we have a very mixed environment with more than 20 *nix environments. The setup for each variant is of course unique and has required various workarounds to get full functionality. We're now at the point where we're willing to revisit the solution and possibly migrate toward something like Likewise (http://www.likewise.org), but would like to know what others are using to solve this problem.
Linux – Alternatives to native LDAP
authenticationldaplinuxunix
Best Answer
@Avery,
This is essentially what Likewise Open does. It makes use of Kerberos (via PAM) to authenticate the user. It also provides NSSWITCH modules to perform SID->ID mapping (using various algorithms, some LDAP based, some hash based).
It has several advantages over plain old pam_krb5:
Cheers,
Manny Vellon CTO, Likewise