It's been a while since I last posted about my adventures at work with Solaris.  The optimistic amongst you may have just figured "hey, he got it working and is being snobbish about sharing the tricks to it with us."  Oh how I wish that were the case...instead, it's been dragging out, sitting there half complete while other stuff comes up.

 

It's been half complete because it was going nowhere.  And has continued to go nowhere.  But the monitor for the one Sun system has been sitting on my desk, glaring at me and serving as a constant reminder of my shame & failure.

 

High points: I got Samba working!  Single sign-on!  whoo-hoo!  Better yet, it stayed working.  Until we upgraded the DC's, which now run Windows Server 2003 R2.  Crap.

 

See, in Server 2003 R2, the schema changed to be RFC 1307 (I think that's the #...) compliant.  That means that the builtin OS tools for managing Unix identity attributes no longer work with the settings that Samba's winbindd picks up.  So effectively, Samba has stopped working as desired.

 

So after looking at the current state of things, and what was actually needed, and my available options, I decided to scrap the whole lot.  And so, in 10 minutes of using Windows to set things up, and another 3 hours on Solaris, I'm almost back to where I was with Samba for integrated authentication.

 

Steps to retrofit NIS onto Solaris: