Allowing a managed computer to authenticate NIS users

If you are using one or more managed computers as a NIS server to provide “agentless” authentication to NIS client requests or to publish NIS network maps, you can identify those computers in Access Manager by setting the Allow this computer to authenticate NIS users option on the computer’s Centrify Profile. Setting this option adds the computer account to the zone_nis_servers Active Directory group. Additional configuration is required if you want a managed computer to respond to NIS client request.

This option is provided because using Centrify Network Information Service (adnisd) is more secure than using a legacy NIS server and can be useful to accommodate certain situations, such as a transition from NIS domains to Active Directory domains. However, continuing to use NIS client requests to retrieve network information is not a secure practice and might result in an audit finding in some organizations.

For more information about installing, configuring, and using the Centrify Network Information Service, see the Network Information Service Administrator’s Guide.