Centrify Your IT

NIS-to-Active-Directory Migration

Replace NIS with Active Directory — a fault-tolerant LDAP database that seamlessly integrates Kerberos-based authentication — to enhance security while simplifying your environment

Sun's end-of-life announcement for NIS (Network Information Service) has spurred many organizations to look to replace their existing NIS infrastructure with a solution that is more secure and easier to manage. NIS fails security and compliance audits because traffic between a NIS server and client is not secure. And maintaining and reliably distributing NIS maps is a cumbersome task that introduces a separate, hard-to-maintain identity silo within an organization.

Centrify delivers a robust NIS-to-Active-Directory migration solution to fit a variety of customer environments. Active Directory is a scalable, fault-tolerant infrastructure that marries LDAP for identity management and Kerberos for secure and authenticated communication between itself and client systems. Centrify DirectControl seamlessly joins Linux and UNIX systems to your Active Directory domain and automatically sets up and configures Kerberos on those systems. The result is a highly secure and easy-to-manage NIS replacement that simplifies your existing IT environment and streamlines IT processes by leveraging your existing Active Directory infrastructure, tools and skill sets.

Centrify provides a variety of tools and migration paths to fit different environments.

  • For those who want to completely replace NIS, our Centrify DirectControl can be used to migrate disparate NIS identities into Active Directory without painful UNIX ID rationalization, and our free UNIX account migration wizard automates the process.
  • Netgroups can be managed in Active Directory, using either Centrify Zones or Active Directory groups, including both users and computers. Converting netgroups into Active Directory groups can have an added benefit: it enables you to use our role-based privilege management capabilities and unique computer roles to set entitlement grants.
  • For NetApp filers or other devices where a Centrify Agent can't be installed, Centrify also provides a NIS Proxy service. A more secure alternative that eliminates NIS across the wire is to use our LDAP Proxy service, which can pass directory information back to legacy devices in RFC 2307 format.