To migrate NIS domains
Using the Windows interface
Before you begin migrating NIS domains by using the NIS Data Migration wizard, it is recommended that you refer to the following topics.
- “Checklist: Migrating NIS Maps to Active
Directory Domain Services” in the Identity Management for UNIX
Help.
- Best Practices for
Server for NIS
- Understanding NIS Data
Migration
To migrate NIS domains by using the Windows interface |
-
Open the Identity Management for UNIX management console by clicking Start, pointing to Administrative Tools, and then clicking Microsoft Identity Management for UNIX.
You can also open the Identity Management for UNIX management console from within Server Manager, by expanding Roles and then Active Directory Domain Services in the hierarchy pane, and then selecting Microsoft Identity Management for UNIX.
-
Click Server for NIS in the navigation pane.
-
With Server for NIS highlighted in the navigation pane, click the Start NIS Data Migration Wizard command in the Actions pane.
You can also click Start NIS Data Migration Wizard on the Action menu, or right-click Server for NIS, then click Start NIS Data Migration Wizard on the shortcut menu.
-
Follow the step-by-step directions in the wizard.
Note | |
Password file entries with names longer than eight characters will not be migrated. Windows user accounts created as a result of the migration are disabled. After performing the migration, you must enable the accounts. For security reasons, it is recommended that you assign a temporary password to these accounts and instruct the affected users to change their Windows password as soon as possible. |
Using a command line
Perform the following steps to migrate NIS maps by using the command-line interface.
Note | |
To view the complete syntax for this command, at a command prompt type: nis2ad /? |
To migrate NIS domains by using the command-line interface |
-
Open a Command Prompt window by clicking Start, then clicking Command Prompt.
-
At the prompt, type the following.
nis2ad.exe -y NIS_Domain -a AD_domain [options] mapfile
NIS_Domain represents the UNIX-based NIS domain containing the map to migrate, AD_Domain represents the Active Directory Domain Services (AD DS) domain to which you want to migrate maps, and mapfile represents the name of the NIS map source file that you want to migrate.
Note The command as provided in this procedure performs a test migration. To perform an actual migration, add the -m parameter before the mapfile specification.
-
Add optional parameters to the nis2ad command as appropriate. See the table in this topic for options you can use with the nis2ad command.
-
Press ENTER to start migration.
The following table describes the arguments that are required in this procedure.
Argument | Description |
---|---|
-y NIS_Domain |
Specifies the name of the Network Information Service (NIS) domain that contains the map to migrate. |
-a AD_domain |
Specifies the NIS domain name in AD DS. |
mapfile |
Specifies the name of the NIS map source file to migrate. NIS map source files are the plain text files from which the NIS map databases are compiled. |
The nis2ad utility accepts the following optional parameters.
Option | Description |
---|---|
-m |
Perform the migration. If this option is omitted, the program finds and reports conflicts but performs only a test and not an actual migration. |
-c FileName |
Specifies the file where conflict details are written. Uses a default file (%sfudir%\nis\conflicts.log) if not specified. |
-t TargetContainer |
Specifies the target container name. Applicable only when creating a new NIS domain. If not specified, uses the default or uses the container of the target domain. |
-f FileName |
Specifies the name of the log file. If not specified, nis2ad uses a default file (%sfudir%\nis\nis2ad.log). |
-r yes|no |
Replace the object in AD DS with object being migrated. Default is no. |
-n |
Resolves conflicts by changing the Windows account name in AD DS. If objects of different types have the same name, the name of both objects is changed before the data is migrated. |
-p Password |
If needed and if not specified, the user will be prompted. |
-d Directory |
Specifies the path of the directory that contains NIS map source files. |
-s Server |
Specifies the domain controller server hosting AD DS. Otherwise use the current server. |
-u User |
Specifies the name of the user having administrator privileges on this computer. If not specified, nis2ad uses the current user. |
Remarks on the command-line installation process
You can migrate only one map at a time using nis2ad. To migrate more than one map at a time, use the NIS Data Migration wizard.
Password file entries with names longer than eight characters will not be migrated.
Windows user accounts created as a result of the migration will be disabled. After performing the migration, you must enable the accounts. For security reasons, it is recommended that you assign a temporary password to these accounts and instruct the affected users to change their Windows password as soon as possible.
Even if you specify another user by using the -u option, the currently logged on user must have write permissions for the folder that will contain the log and conflict files. If necessary, modify the permissions on the folder to grant write access to the user who will be running the nis2ad utility before running the utility.