Services for Unix 3.5 Mapping problem RRS feed

  • Question

  • We've been using NIS service for years without an issue. When we attempted to add a new group to AD yesterday, we were unable to see the group in the Unix side. The Unix attributes are assigned correctly from what I can see, but I am unable to get the unix group created. The same issue exists for creating new users.

    So far I have repaired SFU on the master but have down nothing with the subordinate. 

    A colleague has said that he installed Identity manager for unix on the one 2008 R2 DC in the domain around the same time the problem appeared. I wonder if this is causing the problem.

    The schema was updated a year ago to accommodate the DC.

    There seems to be no errors in the event logs and no NIS logs that I can see that I can use to troubleshoot the problem.





    Wednesday, July 20, 2011 1:54 PM


  • It looks like when identity management was installed on the our 2008 R2 service, the domain was looking to new attributes in AD. One of the attributes that Server 2003 was writing to was MSSFUmemberuidnumber, but the new attribute is uidNumber. Windows 7 and server 2008 R2 both would right to uidNumber.

    Running idmu.exe on the server 2003 DCs has resolved the issue by allowing us right to the new uidNumber attribute.


    Monday, July 25, 2011 5:23 PM

All replies