none
Importing Linux Users into Active Directory with Passwords

    Question

  • We are currently using some linux servers on which users have their accounts. To provide single sign-on to the users on all the servers, we want to shift to Active Directory. So we need to port all the users and groups (along with user passwords) to Active Directory. We want the migration process to be transparent to the users so that they donot need to change their passwords. Although, there are enough tutorials on internet to help configuring services like SSH, IMAP etc, we could not find any resource on how to port these Linux accounts.

    Help please.
    Tuesday, March 10, 2009 12:01 PM

Answers

  • Hi,

    A few third-party tools offer NIS to AD migration:

    Likewise NIS Migration Tool
    http://www.likewise.com/products/likewise_enterprise/NIS-Migration.php

    Centrify DirectControl 4
    http://www.centrify.com/directcontrol/overview.asp
    http://www.centrify.com/blogs/tomkemp/performing_nis_migration_the_centrify_and_active_directory_way.asp
    http://www.centrify.com/resources/chalktalk_nis.asp

    Quest Authentication Services
    http://www.quest.com/Authentication-Services/

    Regards,

    Salvador Manaois III
    MCITP | Enterprise & Server Admin
    MCSE MCSA MCTS CIWA C|EH
    Bytes & Badz: http://badzmanaois.blogspot.com

    Wednesday, March 11, 2009 5:57 AM
  • Hi,

    You may check whether the Identity Management for UNIX component in Windows Server 2008 can meet your requirement. Password Synchronization would help you import passwords. 

    Identity Management for UNIX makes it easy to integrate computers running Windows into your existing UNIX enterprise. Active Directory network administrators can use Server for NIS to manage Network Information Service (NIS) domains, and Password Synchronization automatically synchronizes passwords between Windows and UNIX operating systems.

    Server for NIS completely integrates UNIX NIS networks with Windows Active Directory. Identity Management for UNIX includes an easy-to-use wizard that a Windows domain administrator can use to export NIS domain maps to Active Directory entries. Once this is done, an Active Directory domain controller running Server for NIS becomes the master server for the NIS domain.
    Password Synchronization automatically changes a user password on the UNIX network when the user changes his or her Windows password, and vice versa. This allows users to maintain just one password for both networks.

    You can install it on Windows 2008 by the steps below.

    Open Server Manager, click Roles, choose Active Directory Domain Services, choose Add Role Services, follow the wizard to install Identity Management for UNIX. After installation, please click Description of Role Service to get more detailed help. 

    Here is detailed operation instructions:
    http://blog.scottlowe.org/2007/07/09/linux-ad-integration-with-windows-server-2008/ 
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Hope it helps.

    Thanks


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, March 11, 2009 11:16 AM

All replies

  • Hi,

    A few third-party tools offer NIS to AD migration:

    Likewise NIS Migration Tool
    http://www.likewise.com/products/likewise_enterprise/NIS-Migration.php

    Centrify DirectControl 4
    http://www.centrify.com/directcontrol/overview.asp
    http://www.centrify.com/blogs/tomkemp/performing_nis_migration_the_centrify_and_active_directory_way.asp
    http://www.centrify.com/resources/chalktalk_nis.asp

    Quest Authentication Services
    http://www.quest.com/Authentication-Services/

    Regards,

    Salvador Manaois III
    MCITP | Enterprise & Server Admin
    MCSE MCSA MCTS CIWA C|EH
    Bytes & Badz: http://badzmanaois.blogspot.com

    Wednesday, March 11, 2009 5:57 AM
  • Hi,

    You may check whether the Identity Management for UNIX component in Windows Server 2008 can meet your requirement. Password Synchronization would help you import passwords. 

    Identity Management for UNIX makes it easy to integrate computers running Windows into your existing UNIX enterprise. Active Directory network administrators can use Server for NIS to manage Network Information Service (NIS) domains, and Password Synchronization automatically synchronizes passwords between Windows and UNIX operating systems.

    Server for NIS completely integrates UNIX NIS networks with Windows Active Directory. Identity Management for UNIX includes an easy-to-use wizard that a Windows domain administrator can use to export NIS domain maps to Active Directory entries. Once this is done, an Active Directory domain controller running Server for NIS becomes the master server for the NIS domain.
    Password Synchronization automatically changes a user password on the UNIX network when the user changes his or her Windows password, and vice versa. This allows users to maintain just one password for both networks.

    You can install it on Windows 2008 by the steps below.

    Open Server Manager, click Roles, choose Active Directory Domain Services, choose Add Role Services, follow the wizard to install Identity Management for UNIX. After installation, please click Description of Role Service to get more detailed help. 

    Here is detailed operation instructions:
    http://blog.scottlowe.org/2007/07/09/linux-ad-integration-with-windows-server-2008/ 
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Hope it helps.

    Thanks


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, March 11, 2009 11:16 AM