SUMMARY: NIS and NT User Authentication

From: Marty W. Bullock (
Date: Tue Jan 07 1997 - 15:41:18 CST

Thanks to the following for their replies:

Ian MacPhedran <>
Cheng, Bruce <>
Keith G. Weinberg <>
Niklas Paulsson <>
Bertrand Hutin <>
Marcos Padilla <> (Fletcher B. Cocquyt)
John D Groenveld <>
Trevor Paquette <>

<Original Question>
> First of all, let me briefly describe the situation:
> We're in the progress of relocating our entire LAN to a new building while
> adding about 50% more users to the network from other locations. At the same
> time, the powers that be have determined that we should migrate our PC side
> of the LAN to a Windows 95 environment with NT servers. Currently, we use
> PC-NFS Pro for authentication and user access to the Unix Servers. My Unix
> servers are currently running Solaris 2.5.1 with a Level 5 RAID storage
> system. The NT servers will be Compaq NT Servers (NT 4.0) with their own
> RAID system. My NIS server is using NIS.
> Now the question(s):
> Has anyone used NIS and NT together with both providing user authentication?
> Is NT even compatible with NIS?
> Just for clarity...If a specific user logs into the NT domain and then
> attempts to map a Unix network drive, will NT relay the user information to
> the NIS server? Is there ANY compatibility between the two?

<The Answer>

Well, of the responses so far, it looks like I've got a few programs to
check out. Thanks to all those that responded (list follows). Here's the

The overall consesus was that NIS and NT are NOT compatible without some
sort of third party intervention. Several different programs were suggested
to provide this interface. One thing that I forgot to mention was that only
my server is going to be running NT 4.0 (the rest of the herd is on 95).
After the coffee wore off last night, I determined that I should be able
continue to use PC-NFS Pro for the NIS authentication as long as I keep the
user databases identical. It will require that the users have two separate
logins when they start their system, but it's a small price to pay for
standardization. After the dust dies down I *do* plan on checking out some
of the programs listed below, primarily WinDD from Tektronix. It sounds
like a very robust interface between NT and NIS. Thanks again for all of
the replies! TTFN!

Here's some of the responses:

Ian MacPhedran
>Get samba via
>This will allow you to use NT domain authorisation to be used for
>verifying users for UNIX directory mounts from PCs.

Cheng, Bruce
>NIS and NT authentication are not compatible.
>Something that resembles of what you are referring to are from
>insignia's NTrigue product which allows
>NIS authentication. However, I am not sure if that 'feature' can be sell
>as a standalone product.

Keith G. Weinberg
>We use WinDD NIS for user authentication. Tektronix sells
>it out of their Networking division (
>As far as I know, there is no innate NT/NIS compatibility without
>third-party intervention. WinDD NIS works well for our user
>authentication purposes (it even does a background yppasswd when
>changing the NT password!). I believe that making the box a PDC
>will mean that workstations in the same domain will use the
>NIS features vicariously. . . you might not want to quote me on
>that however.
>Also, they have an NFS version that automagically maps users
>auto.home home directories. This means that the Unix home-directory
>is mounted on NT login (nice).
>WinDD itself allows your users to bring up an NT window on their Unix
>box, use the local floppy drive, and do a few other tricks. You
>might want to give it a shot if you are doing such a big integration.
>Don't get me wrong. . . it's its own bag of snakes, but it has solved
>quite a few of our migration headaches.

Bertrand Hutin
>> Is NT even compatible with NIS?
>> Just for clarity...If a specific user logs into the NT domain and then
>> attempts to map a Unix network drive, will NT relay the user information to
>> the NIS server?
>YES, the logname.

Fletcher B. Cocquyt
>We have NT NFS clients mounting UNIX server disks here using PCNFS
>running on the UNIX side. If the NT password matches the UNIX password for
>the same username, then the user does not need to supply a password when
>mapping the UNIX server disk...the NT client is compatible with the PCNFS
>daemon running on the UNIX side in that respect.

\/ Marty W. Bullock \/
/\ Unix Systems Administrator /\
\/ Siemens Energy & Automation, Inc. \/
/\ 3496 Montreal Industrial Way /\
\/ Tucker, Georgia 30084 \/
/\ e-mail: /\
\/ Phone: (770) 496-8623 Fax: (770) 496-8627 \/

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:42 CDT