Share via


Migrating NIS domains

Applies To: Windows Server 2008

To migrate NIS domains

  • Using the Windows interface

  • Using a command line

Using the Windows interface

Before you begin migrating NIS domains by using the NIS Data Migration wizard, it is recommended that you refer to the following topics.

To migrate NIS domains by using the Windows interface

  1. Open the Identity Management for UNIX management console by clicking Start, pointing to Administrative Tools, and then clicking MicrosoftIdentity Management for UNIX.

    You can also open the Identity Management for UNIX management console from within Server Manager, by expanding Roles and then Active Directory Domain Services in the hierarchy pane, and then selecting Microsoft Identity Management for UNIX.

  2. Click Server for NIS in the navigation pane.

  3. With Server for NIS highlighted in the navigation pane, click the StartNIS Data Migration Wizard command in the Actions pane.

    You can also click StartNIS Data Migration Wizard on the Action menu, or right-click Server for NIS, then click Start NIS Data Migration Wizard on the shortcut menu.

  4. Follow the step-by-step directions in the wizard.

Note

Password file entries with names longer than eight characters will not be migrated. Windows user accounts created as a result of the migration are disabled. After performing the migration, you must enable the accounts. For security reasons, it is recommended that you assign a temporary password to these accounts and instruct the affected users to change their Windows password as soon as possible.

Using a command line

Perform the following steps to migrate NIS maps by using the command-line interface.

Note

To view the complete syntax for this command, at a command prompt type: nis2ad /?

To migrate NIS domains by using the command-line interface

  1. Open a Command Prompt window by clicking Start, then clicking Command Prompt.

  2. At the prompt, type the following.

    nis2ad.exe -yNIS_Domain-aAD_domain [options] mapfile

    NIS_Domain represents the UNIX-based NIS domain containing the map to migrate, AD_Domain represents the Active Directory Domain Services (AD DS) domain to which you want to migrate maps, and mapfile represents the name of the NIS map source file that you want to migrate.

Note

The command as provided in this procedure performs a test migration. To perform an actual migration, add the -m parameter before the mapfile specification.

  1. Add optional parameters to the nis2ad command as appropriate. See the table in this topic for options you can use with the nis2ad command.

  2. Press ENTER to start migration.

The following table describes the arguments that are required in this procedure.

Argument Description

-y NIS_Domain

Specifies the name of the Network Information Service (NIS) domain that contains the map to migrate.

-a AD_domain

Specifies the NIS domain name in AD DS.

mapfile

Specifies the name of the NIS map source file to migrate. NIS map source files are the plain text files from which the NIS map databases are compiled.

The nis2ad utility accepts the following optional parameters.

Option Description

-m

Perform the migration. If this option is omitted, the program finds and reports conflicts but performs only a test and not an actual migration.

-c FileName

Specifies the file where conflict details are written. Uses a default file (%sfudir%\nis\conflicts.log) if not specified.

-t TargetContainer

Specifies the target container name. Applicable only when creating a new NIS domain. If not specified, uses the default or uses the container of the target domain.

-f FileName

Specifies the name of the log file. If not specified, nis2ad uses a default file (%sfudir%\nis\nis2ad.log).

-r yes|no

Replace the object in AD DS with object being migrated. Default is no.

-n

Resolves conflicts by changing the Windows account name in AD DS. If objects of different types have the same name, the name of both objects is changed before the data is migrated.

-p Password

If needed and if not specified, the user will be prompted.

-d Directory

Specifies the path of the directory that contains NIS map source files.

-s Server

Specifies the domain controller server hosting AD DS. Otherwise use the current server.

-u User

Specifies the name of the user having administrator privileges on this computer. If not specified, nis2ad uses the current user.

Remarks on the command-line installation process

You can migrate only one map at a time using nis2ad. To migrate more than one map at a time, use the NIS Data Migration wizard.

Password file entries with names longer than eight characters will not be migrated.

Windows user accounts created as a result of the migration will be disabled. After performing the migration, you must enable the accounts. For security reasons, it is recommended that you assign a temporary password to these accounts and instruct the affected users to change their Windows password as soon as possible.

Even if you specify another user by using the -u option, the currently logged on user must have write permissions for the folder that will contain the log and conflict files. If necessary, modify the permissions on the folder to grant write access to the user who will be running the nis2ad utility before running the utility.

Additional references