On Fri, 18 Mar 2011, MOKRANI Rachid wrote: > Hi, > > I'm looking a wiki or share experience for replace NIS authentication by > an existing Active directory Server (W2003). The problem is on the > management of id and gid. > > How to move 1000 actual NIS users to AD ? Create matching accounts in AD. This is standard Active Directory stuff, there really aren't any gotchas I can think of. > How to keep the same id and gid for this 1000 users ? Make sure the SFU attributes have the correct values. You can do all this through LDAP as far as I know. Alternatively remap all your UIDs/GIDs and switch to a RID mapping scheme instead. You need to think about how you're planning on working in the future. > What's happen with nfs linux server and acess with gid and/id ? It works exactly the same as it does now. > Use the same user/password for linux and Windows clients > authentification? Feel free to use windbind or pam_krb5 for authentication, both easy to setup. You'll need nss_ldap with pam_krb5, but winbind can do the whole bag. > Does someone has already successfully replace NIS by Ad authentification > with freeware solution ? Probably the easiest it to use winbind, but we use nss_ldap and pam_krb5. There's plenty of documentation on how to do this out there. jh