Migrating NIS to Active Directory

During migration, Server for NIS can migrate each Network Information Service (NIS) domain and preserve it as a separate domain in Active Directory. It can also merge the data in an existing domain, however. This domain can be one of the previously migrated domains or a special NIS domain that is created when Server for NIS is installed.

One of the advantages of migrating NIS maps to Windows is to merge UNIX and Windows users and objects to create a common name space. Another advantage is that objects common in two networks can have a unique identity.

During migration, you must specify the Active Directory container in which migrated objects will be created. It is strongly recommended that you create these objects in the same container as the other Windows objects. If the container is not specified, new objects will be created in the default container that is the same as Windows.

If you migrate passwd, groups, or host maps to a container other than the default container, migrated entities will not appear by default in Windows Active Directory Users and Computers. To view all objects, select Advanced features in the View menu of the Active Directory Users and Computers console.

Windows user accounts created as a result of the migration will have their passwords set to a random value. After performing the migration, you must assign a temporary password to these accounts and instruct the users to change their Windows password as soon as possible.

See Troubleshooting for information on dealing with migration problems.

Staged migration

After the maps are migrated to the Windows Active Directory domain controller, other UNIX-based subordinate (slave) servers can also be migrated to other domain controllers in the same Windows domain. Migration of subordinate servers does not require migration of the data. Because of the architecture of Active Directory, other domain controllers in the Windows domain share the same Active Directory schema and database. Consequently, these domain controllers already have the NIS data. After the Server for NIS is installed on a domain controller in the same Windows domain, it is ready to act as a subordinate NIS server for the NIS domain.

The steps in the migration of a subordinate NIS server are as follows:

  1. Make sure the master server of the NIS domain is migrated to Server for NIS.
  2. Install Server for NIS on another Active Directory domain controller. The subordinate NIS server that you are migrating to Windows can continue to work as before. This will mean that each subnet can have more than one subordinate NIS server.
  3. Disable the subordinate NIS server on the UNIX-based computer.

The NIS map source files of an NIS domain need not be migrated all at once. (NIS map source files are the plain-text files from which the NIS map databases are compiled.) In fact, each NIS map that belongs to a domain is migrated separately. The administrator can specify the domain name to which this map will be migrated. If a domain with that name does not exist, Server for NIS creates a new NIS domain.

After you migrate NIS maps to Server for NIS, there might be some delay before this data is available to Server for NIS.

Migrating multiple NIS domains

The migration utility, or Migration Wizard, allows migration of multiple NIS domains to Active Directory. During migration of a map, the administrator must specify the domain from which the data is being migrated. Server for NIS keeps the name of the domain with the map entries created in Active Directory. Subsequently, these map entries are returned to clients or subordinate servers from that domain only.

In addition, however, the Migration Wizard can also merge a map from one domain into another NIS domain. This can be one of the previously migrated NIS domains or a special domain that is created when Server for NIS is installed. The administrator must specify the name of the NIS domain to which the data will be migrated.

If you migrate multiple domains, you can manage individual domains through Server for NIS Administration.

Server for NIS supports a maximum of 960 unique combinations of NIS domains and maps. For example, Server for NIS cannot support more than 64 domains with 15 maps each (64×15=960).