OIT Networking & Monitoring Services

Host Database: Change from NIS to LDAP Accounts and Passwords

OIT Network Systems
July 7 2003

On July 14 2003, Web access to the Princeton University Host Database will be reconfigured to use LDAP Directory accounts and passwords, instead of NIS (UNIX) accounts and passwords. This change is one step in making Princeton's password use more secure.

NIS accounts and passwords are the same ones that OIT UNIX systems (e.g. arizona, hats) have traditionally used; they are often referred to as "UNIX accounts and passwords." LDAP Directory accounts and passwords are the ones that OIT IMAP Mail Service uses; in the past they were sometimes referred to as "mail accounts and passwords."

If you make changes to the Host Database via the Web today, the account name you use to login to the Web server will not change; it will remain your OIT netid. This is because both NIS accounts and LDAP use the same OIT netid, and NIS accounts are a subset of LDAP accounts.

However, the password you use to login to Web server may change. That's because your NIS password and LDAP password may differ. If they differ, then beginning July 14 2003 you will need to switch to specifying your LDAP password to make changes to the Host Database via the Web.

If you wish, you may change your NIS and LDAP passwords using P-Synch, an OIT facility used to set a number of your OIT passwords, including those used for NIS and LDAP. You may even choose to change the passwords so they are identical to each other.

There are also LDAP accounts that are not present in NIS, because not all entries in the LDAP Directory have associated UNIX accounts. Up until now, these LDAP accounts could not change the Host Database via the Web. Starting July 14 2003, these LDAP accounts will be able to change the Host Database via the Web, assuming the accounts have a valid OIT netid and LDAP password.


A service of OIT Networking & Monitoring Services
The Office of Information Technology,
Princeton University