The command-line migration program and the Migration wizard are both designed to migrate standard Network Information Service (NIS) maps, such as passwd, group, and services. When Server for NIS is installed, it extends the Active Directory schema to provide classes that handle standard NIS maps. The Migration wizard provides a list of NIS map source files (that is, the plain text files from which the NIS map databases are compiled) from which the administrator chooses the maps to migrate. The Migration wizard then uses the standard format of these NIS map source files to migrate the data to Active Directory.
Standard maps consist of the following maps. All other maps are nonstandard maps.
Before you migrate a nonstandard map, you must provide the syntax of the map. You must provide the name of the nonstandard map, the delimiter between the fields, and the field number of the key field.
Note that domain names are not case-sensitive. Domains cannot be migrated if they have the same name, even if the case of the names is different.
Migration is handled in one of two ways, depending on whether the map being migrated has an equivalent in Active Directory. For standard maps such as passwd, group, and hosts, that have an equivalent Active Directory class, auxiliary classes are added. For example, an auxiliary class called msSFU-PosixAccount is added to the class user, which, in turn, adds attributes such as msSFU-UidNumber and ms-SFUHomeDirectory. For standard NIS maps that have no equivalent in Active Directory, such as services and rpc, additional classes are created.
For each map entry being migrated during the migration of standard maps, the Migration wizard either creates a new object of the corresponding class or adds appropriate attributes to the auxiliary class.
Important
For information about managing maps after migration, see Managing standard and nonstandard maps.
If a new Windows user is created as a result of the migration, the user's Windows and UNIX passwords are set to a random value. Before the user can log on to the Windows domain or a UNIX computer in the NIS domain, an administrator must change the user's Windows password to a known, temporary value, inform the user what the temporary password is, and then instruct the user to change the Windows password as soon as possible. When the user changes the Windows password, the new password will be propagated to UNIX-based NIS clients the next time the NIS maps are refreshed.
If migration results in adding UNIX attributes to an existing Windows user, the UNIX password in Active Directory will be set to be the same as the existing UNIX password, and the Windows password will remain unchanged.
Server for NIS is designed so that whenever a user's Windows password is changed, the password in the NIS passwd map stored in Active Directory is changed. The reverse is not true, however. That is, when the user runs yppasswd on a UNIX client computer to change the user's NIS password, only the password in the NIS passwd map will be changed; the Windows password will not change. As a result, the UNIX and Windows passwords will differ. Users should change passwords only in Windows to ensure that Windows and UNIX passwords in the NIS map are identical. Note, however, that you can install and configure Password Synchronization to provide two-way password synchronization between Server for NIS and UNIX hosts in an NIS domain. For more information, see Synchronizing passwords with an NIS domain.
Keys within the ypservers map are the ASCII names of the computers on which the NIS servers run. That is, the ypservers map can contain only a list of NIS servers, each one listed on a separate line. If your ypservers map contains aliases, before migrating the map, edit the ypservers map to contain only the host names of the servers, one per line. The following list is an example of a valid ypservers map:
ypserver_1
ypserver_2
ypserver_3
During installation of Server for NIS, Active Directory is extended to include a class that applies to any NIS map. This class requires the name of the map, the key, and the rest of the entry.
To migrate nonstandard maps, the administrator must provide the name of the map source file and the format of the map entries to the Migration wizard or command-line utility. The Migration wizard uses the key field and the separator to migrate the data and create appropriate objects in Active Directory.
Important