| With the broad application of UNIX and its descendants in recent years, heterogeneous network environment is a must to maximize the enterprise's freedom of choice. However, heterogeneous network also increases the difficulties for system management and security implementation, because different accounts formats and authentication mechanisms of various OS (Operating System) would induce multiple administration platforms in heterogeneous network. Therefore, enterprises would have to build more than one databases for account storing. As a result, users would have to maintain multiple credentials such as account names and passwords due to multiple independent databases used. It not only brings inconvenience for users to access network resources, but also increases the administrative cost and security risk. Some enterprises solve this problem by synchronizing accounts between different databases. However, this method doesn't get rid of the problems for system management and security implementation. This paper proposes a HSMD(Heterogeneous System Management Domain) system to embody both Windows clients and UNIX clients. This solves the conflict in account storing modes of different OS and realizes the interoperation between Microsoft extended Kerberos protocol and standard Kerberos protocol. Different from usual Windows domain and NIS domain, it integrates the management and authentication method for users, hosts, network services of their platforms. HSMD domain is based on Samba software to build a domain controller on UNIX server thanks to secure and stable characteristic of UNIX OS. HSMD adopts the group policy which is the proprietary technology of MicroSoft. Thus the designed system allows the domain controller to take charge of account management, authentication and configuration which are lacked by UNIX domain in the past. |
PDF Full Text Request