I've used MS' UNIX services and NIS and for the most part it worked as advertised. My one recommendation would be to front end it with a number of Linux NIS slave servers. As my environment grew the MS NIS service would frequently crash. After adding the Linux slaves, it was mostly stable.
My other gripes with the setup was: - AD propagation throughout all sites only worked once ALL AD servers were 2003 R2. I wasn't in IT so I couldn't mandate it and it took some time for them to catch up. - Keeping Windows groups and UNIX groups in sync for users was a hassle. I'm currently looking at a third party solution to solve the above as well as implementing a more secure setup vs. NIS. I've toyed with Samba, Winbind, etc. but being that I also have to account for AIX, HPUX and Solaris, I've grown tired of trying to keep up with the various recipes and headaches. cjs On Tuesday, 12/30/08 9:57 AM, "Edward Ned Harvey" <[email protected]> wrote: >> I'd really like a solution that is relatively painless to install/ >> configure so I can train puppet how to take care of this for me (Still >> learning puppet). Failing that I'm looking for a recipe that I can >> hand to a junior admin. > > In that case, your best solution is probably the MS built-in UNIX services and > NIS. Nothing else is as simple and straight-forward. Just read my comments > in the email one minute ago ... > > Also, I'd recommend enabling the services on more than one server. NIS > clients perform very well switching from one NIS server to another, in the > event one server becomes unavailable. But of course, only if there's more > than one server available, and only if you told the clients about it. > > > > _______________________________________________ > Tech mailing list > [email protected] > http://lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
