Home

This document is a cache from http://www.centrify.com/downloads/public/centrify_dc_solution_guide.pdf


Solution Guide: Windows Security and Directory Services for ...

Document source : www.centrify.com

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 All Pages

WINDOWS SECURITY AND DIRECTORY SERVICES FOR UNIX USING CENTRIFY DIRECTCONTROL
74
© CENTRIFY CORPORATION 2004-2005. ALL RIGHTS RESERVED.
PAGE 74
The following figure illustrates the functionality of the Network Information Service
included with DirectControl.
Figure 1.13. An example of the Network Information Service included with
DirectControl
As indicated in the figure, a Zone of UNIX computers called "Finance Zone" has been
created. The UNIX computers that are not managed by DirectControl but need access to
the information stored in Active Directory can be configured to send their NIS requests to
the DirectControl­managed UNIX computer on which the DirectControl NIS daemon
runs. The NIS daemon passes these requests to the DirectControl daemon (adclient)
that, in turn, connects to Active Directory to retrieve the requested information. Active
Directory returns the information from the data stored in the appropriate NIS map and the
information is passed back through the DirectControl NIS daemon (adnisd) to the client
that made the request.
NIS maps stored in Active Directory can be maps imported directly from an existing NIS
server and domain or imported from existing text files. The Centrify DirectControl
Administrator Console provides the interfaces for importing, creating, viewing, editing,
and deleting the maps.
Enabling Configuration and Access Control with Active
Directory and Group Policy
One of the most requested features for Centrify's DirectControl product is the
requirement to extend Microsoft's Group Policy system to UNIX, Linux, and Macintosh
computers. For many companies, centralized policy and configuration control is just as
important as centralized identity management.
Applying Domain-wide Policy through Active Directory
After you deploy the End State in your production environment, a logical next step is to
review policies and mandatory configuration settings that are currently enforced for
Windows computers through Group Policy and evaluate the potential applicability of
these policies for UNIX, Linux, and Macintosh computers. You can apply some of these

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 All Pages



Share |
    |     Download PDF



Summary :

WINDOWS SECURITY AND DIRECTORY SERVICES FOR UNIX USING CENTRIFY DIRECTCONTROL 74 © CENTRIFY CORPORATION 2004-2005. The UNIX computers that are not managed by DirectControl but need access to the information stored in Active Directory can be configured to send their NIS requests to the DirectControl­managed UNIX computer on which the DirectControl NIS daemon runs.


Tags : directcontrol,directory,nis,information,actie,unix,computers,policy,daemon,figure,group,configuration,through




Terms    |    Link pdf-search-files.com    |    Site Map
   |    Content Removal Notice   
   |    Contact   

All books are the property of their respective owners.
Please respect the publisher and the author for their creations if their books copyrighted