Good morning!
I've been offlist for years, and hopping back on for various reasons, I see a thread that I'd like to add to. There's an old thread on NIS use in Centrify that I'd like to add some comments to. I'm still forced to work with NIS for various reasons, including interaction with heavy duty NAS's that require it for NFSv4.
I have been busy falling in serious love with Centrify (www.centrify.com) for this. For an environment that already has an extensive Active Directory investment, it's a way to save weeks or months of expensive engineering time and get on with your job. It's a commercial toolkit, reasonably open source friendly and with free components for home users. It provides a very good plug-and-play solution to merging Linux and UNIX authentication, including NIS support, to an Active Directory back end. They basically do what I'd do if I had the time, including workable GUI's and error reporting.
You get genuine single-sign-on, commercially supported Putty for your Windows clients, Kerberos password handling, commercially supported OpenSSH 5.x with GSSAPI, good support for multiple "zones" that have different sets of authorized users, scriptable toolkits for adding or adding machines to the relevant zones, etc., etc. It works well with CentOS 5.x, and saves me the work of having to manually compile my own OpenSSH to get GSSAPI support.
And the NIS plugin works *very* well and saves weeks of work building your own solution with the limited and out of date components in CentOS or RHEL 5. It "Just Works(tm)".