Linux/Unix/Win2K domian in the small enterprise

Tue Feb 12 11:06:52 PST 2002

Hello all!
I have a small problem that is growing into an extremely large
difficulty.
I have a Windows 2000 network running Active Directory for Domain
management.
I also have a series of Solaris 8 boxes and will soon have the entire
development staff migrating their development workstations to Linux.
I am needing input on how to integrate the Sun, Linux, and Windows boxes
to all use the same (or integrated) authentications system.  Management
has determined that we will continue to use MS Exchange 2000, and all of
the non-engineering staff will remain on Windows systems with Outlook.
Currently all of the Unix systems are local logon only, with no
centralized authenticator. 
Other elements needed are that anyone can take their notebook home,
logon locally, and continue to work.  Once home or where ever they have
internet access, same user can connect to VPN, re-authenticate, and
access network resources.
So far, I have been told to use NIS(+), LDAP, or Kerberos.  I am asking
here for suggestions with arguments of why or why not a certain
solution.  Any suggestions outside of these listed would be welcomed, as
well.
I would prefer a system with a single login and password per user.
Single point of user management would be nice, but is not mandatory.  I
am considering using Samba for File and Print services.  Exchange is the
required e-mail server.  VPN is PPTP and is currently a Win2K system.
Will move off to a dedicated router/VPN server, with its own
userid/Login, then user will have to authenticate into the network,
after that tunnel has been established.

Daniel Curry
IT Manager
Cariocas
625 Second Street 
Suite 201
San Francisco, CA 94107 
ph: 415-348-6516
fx: 415-348-6505 
cell: 510-579-6680