Selecting a computer for NIS authentication

You can designate any computer in a zone to act as the NIS server for the zone by setting the Allow this computer to authenticate NIS users computer property as described in“Adding support for agentless clients”in the Administrator’s Guide for Linux and UNIX. For example, expand the Computers node in the zone that will service NIS client requests, select the computer account, right-click to select Properties, then click the Centrify Profile tab to set this option.

The computer account acting as a NIS server for the zone must be able to access the attribute containing the password hash for agentless authentication to be successful.

Selecting Allow this computer to authenticate NIS users adds the computer account to the zone_nis_servers Active Directory group. Computer accounts that are placed in the zone_nis_servers group are automatically granted permission to read the attribute that stores the password hash for users in the zone.

This property setting enables the computer account to access the password hash so that it can authenticate users in response to NIS client requests. However, you must manually install and start the Centrify Network Information Service on the physical computer before the computer can act as a NIS server.