10-04-2012
NIS to Active Directory Migration
Hello,
This is my first ever post on Unix anything
. I really am a total newb when it comes to Unix. I am fairly well versed in the Windows world though.
I have a project that I was pulled into which consists on migrating our Unix servers from authenticating with NIS, over to authenticating with Active Directory (company audit policy). All of the users already have user IDs in active directory for separate Windows accounts. There are over a 1000 users that we will have to migrate.
The main issue is that there are a lot of folder/files on these servers that are access controlled by NIS and when we migrate, we would need these controlled by AD (I believe). I'm sure that there are a ton of groups and files that would need this migration applied to them. What is the best way to go about this?
Some one threw out the option to use UNAB to help us out. What do you think about this tool? Is there others that would do a better job? Is there better ways to go about the whole thing? Any help would be appreciated. Thanks
8 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
Hi
Does anybody know the steps and requirements of the installation process of Windows Active Directory using Unix/Linux Bind DNS.
I will appreciate if somebody gives the answer. (1 Reply)
Discussion started by: Darwin Rodrigue
1 Replies
2. UNIX for Dummies Questions & Answers
Hello - I have a very vague question, which will probably result in vague answers because I don't have a lot of detailed information and I don't know a whole lot about active directory.
Our Windows/NT admin has been rolling out Active Directory over the past several weeks and as time goes on,... (1 Reply)
Discussion started by: rm -r *
1 Replies
3. UNIX for Dummies Questions & Answers
i would like to ask about unix with active directory..actually my situation is at ny place there already have dns server in unix based,i want to implement an active directory to the network..from what i read about active directory we have to used bind dns...some say that bind could not handle in... (1 Reply)
Discussion started by: nour
1 Replies
4. HP-UX
Hey,
I've asked questions about this project here before and gotten lots of help so I figured I'd give it another try.
I've recently set up my HP-UX environment to authenticate to a Windows Active Directory server (Windows Server 2003 R2).
I setup an account on Active Directory which works... (2 Replies)
Discussion started by: Rike255
2 Replies
5. Red Hat
Hi Friends,
I need your help to get some solution of one of my problem.
Ours is a mixed domain. Most of the servers are windows and very little linux servers. We are using the MS AD for authentication. My problem is, I want to authenticate linux servers against AD. I donot want to use any... (1 Reply)
Discussion started by: arumon
1 Replies
6. UNIX for Advanced & Expert Users
Is there anyone who is utilizing Active Directory (2008R2) for AIX user account management? If yes or if AD is possible with AIX systems, can you please share what to be done to get there?
Please advise. (1 Reply)
Discussion started by: Daniel Gate
1 Replies
7. Solaris
I'd like to share some experiences and what I found for NIS migration from Solaris 8 NIS to Linux platform.
I'm not an expert for both platforms, it's just when I tested both systems and found something really tricky. That might takes a lot of time for you to find the root cause. So, I think I can... (11 Replies)
Discussion started by: bestard
11 Replies
8. UNIX for Beginners Questions & Answers
Hi,
How can we check users added through LDAP or AD. Users added through a group of AD or LDAP group. (2 Replies)
Discussion started by: Nishit
2 Replies
userdel(1M) userdel(1M)
NAME
userdel - delete a user login from the system
SYNOPSIS
alternate_password_file] login
DESCRIPTION
The command deletes a user login from the system by modifying the appropriate login related files.
The command requires the login argument. login is the name to be deleted, specified as a string of printable characters. It may not con-
tain a colon or a newline
Refer to usergroupname(5) to understand the functionality changes with the Numeric User Group Name feature.
Options
recognizes the following options:
The home directory of
login is removed from the system. This directory must exist. Following the successful execution of this command, none of
the files and directories under the home directory will be available.
If a user is deleted and the home directory is shared by others, then this directory is not deleted even with the option.
Force the changes, even if the login is currently in use.
Specify that the changes are being made to the alternate
password file of NIS specified by the option. The and options should not be used with this option.
Specify the path of the alternate password file of NIS.
The option is used with the option.
In the event where a directory is shared by users of the same group and the owner of that directory is deleted, then the ownership of that
directory is propagated to the next user who is sharing that directory. The new owner is determined by looking at the order in which the
users sharing this directory are added to the file. If there is only one user remaining then the directory is brought back to unshared
mode by resetting the permissions to from
NIS
This command is aware of NIS user and group entries. Only local users and groups may be deleted or modified with this command. Attempts
to delete or modify NIS users or groups will result in an error. NIS users and groups must be administered from the NIS server. The com-
mand may fail with the error
(return value 6) if the user specified is an NIS user (see passwd(4)). The error
(return value 10) is returned if a local user belongs to an NIS group (see group(4)).
NFS
Errors may occur with the option if the affected directory is within an NFS mounted file system that does not allow root privileges across
the NFS mount, and the directory or files within the directory do not have sufficient permissions.
RETURN VALUE
exits with one of the following values:
Successful completion.
Invalid command syntax.
Invalid argument supplied to an option.
The login to be removed does not exist.
The login to be removed is in use.
Cannot modify the
file, but the login was removed from the file.
Unable to remove or modify the home directory.
Unable to open
file or file is non-existent.
file or
file busy. Another command may be modifying the file.
Cannot delete entry from
file.
Out of memory.
Invalid template file.
EXAMPLES
Remove the user from the system:
Remove the user from the system and delete home directory from the system:
WARNINGS
Because many users may try to write the file simultaneously, a password locking mechanism was devised. If this locking fails after subse-
quent retrying, terminates.
FILES
Shadow Password file
System Password file
System group file
Lock file used when updating password file
SEE ALSO
passwd(1), users(1), groupadd(1M), groupdel(1M), groupmod(1M), logins(1M), useradd(1M), usermod(1M), group(4), passwd(4), shadow(4), user-
groupname(5).
STANDARDS CONFORMANCE
userdel(1M)