Unix with NIS or NIS+
Normally, in an NIS or NIS+ environment:
There is a single, master password for every user.
Password changes made on an NIS client are automatically propagated to the NIS master server. When this happens, only the password hash, and not the plaintext password, is sent to the NIS master server.
Password resets are only possible on the master server.
In NIS, password resets must be made by manually editing the passwd map file.
Bravura Pass allows you to extend the reach of the single NIS password:
Password changes made in the NIS environment can be automatically propagated to other, non-NIS systems.
Password changes made outside of NIS can be automatically propagated to the NIS environment.
Password resets can be made from the command-line of the NIS master, or from a web browser, replacing the manual editing process.
Propagation of new passwords between an NIS master and its secondaries can be replaced by Bravura Pass password propagation, which is much faster.
The installation process is the same as for individual Unix servers, with the following exceptions:
The Bravura Pass Unix server / listener is only installed on the NIS master server.
You need to edit additional scripts for an NIS connector. See the Connector Pack Documentation .
A replacement passwd program (
pspasswd) must be installed on all NIS client machines, and not just on the master. This is required because Bravura Pass needs access to plaintext password values to synchronize with other systems, but the NIS master only receives password hashes, and not plaintext passwords.Alternately, you can replace passwd on the NIS clients with a shell script that can:
Invoke a web browser, prompting users to change their passwords using a Bravura Pass web interface.
Use a program such as SSH to run the passwd program on the NIS master server.