For sure, it is very bad to use NIS authentication and NIS authorizations, it is really better to use Kerberos ad LDAP instead.
I will not go in the details now, but it is true that NIS is not something secured, however, the fact to totally eliminate the NIS Services is impossible for a lot of organizations.
This sample chapter covers all the name service topics that appear on the Certified Solaris Administrator Examination for Solaris 2.6, Part II, including overview of naming services; configuring and managing NIS servers and clients; NIS, NIS , and DNS; and NIS security.
name services store information in a central location that users, systems, and applications must have to communicate across the network.
Some details: I'm running Scientific Linux 6.4, with ypserv-2.19-26, ypbind-1.20.4-30, and yp-tools-2.9-12.
NIS is configured to use $ sudo yppasswd phil Changing NIS account information for phil on ypmaster.
Through my different projects, I had meet a lot of organizations which are using mixt environment with Windows and Unix boxes and I can say the NIS usage is even nowadays very widespread.These organizations have a « IT history », from years, and a lot of very important information still remain in the NIS maps (automount, etc.) So, the goal is to use Kerberos/LDAP for authentication/authorization services and a NIS Gateway service which expose to NIS client the maps NIS which are stored in Active Directory.Using this way, we get the best of the two worlds, we can secure the authentication with Kerberos and the organization is able to continue to use the NIS maps for the legacy needs.As this information changes, without a name service, administrators must keep it current on every system in the network.In a small network, this is simply tedious, but on a medium or large network, the job becomes not only time-consuming but also nearly unmanageable. It stores network information on servers and provides the information to any workstation that asks for it.So on the end we end up 100 servers of all types of UNIX systems.