Browse by Tags

Related Posts
  • Blog Post: Steps to configure Password Sync With NIS ( Windows -> Unix)

    1. Make your Windows box a Domain controller. Install "Identity Management for UNIX" (Server for NIS and password Sync). To install this component user needs to be a part of Schema admin/ domain admin and enterprise admin group. 2. Reboot the box 3. In Active Directory values for Unix related attributes...
  • Blog Post: Unix Attribute Tab does not show all the UNIX provisioned groups in Primary Group Name ==>GID drop down.

    While working on a issue recently, we found that the Unix attribute tab has a GUI limitation on the number of groups it can display. Customer came with an issue where they had provisioned about 1500 groups but from ADUC ==> User’s properties ==> Unix attribute tab, all the groups were...
  • Blog Post: Using unixUserPassword attribute properly

    In my last posts I discussed regarding NIS and LDAP implantation using new RFC 2307 compliant schema on Windows environment. An important aspect of using these much depends on unixUserAttribute. If you want the Active directory users to change their Windows password and at the same time this attributes...
  • Blog Post: Unable to bind the HPUnix clients to Windows 2008 R2 Server

    Recently we had a customer, who was having issue binding the HP UNIX client to Windows 2008 R2 server. We started with installing the patch http://support.microsoft.com/kb/983574 to update the RPC drives. Still we were getting issue. Then we checked the below entries: Under the /etc/rc.config...
  • Blog Post: Unable to start “Server for NIS” service; “An error occurred accessing the Windows Registry. Error: %1”

    Recently we go an issue where the “Server for NIS” service was not starting on Windows 2003 R2, x64. The error code as per the vent logs was: Event ID 8194. We referred to the TechNet document http://technet.microsoft.com/en-us/library/dd316252(v=ws.10).aspx and followed the instruction...
  • Blog Post: "Server for NIS cannot obtain one or more server names from Active Directory"

    Recently we got a case in which customer was using SFU 3.5 and Server for NIS was installed. Whenever he was trying to click on the Server for NIS option, he was getting the following error "Server for NIS cannot obtain one or more server names from Active Directory" We collected the output from...
  • Blog Post: Server for NIS using too many Ephemeral ports

    The Server for NIS initiates recursive LDAP queries on AD and in some environments, where the ports do not close quickly enough, it can create problems like TCP port Exhaustion . When a client initiates a TCP/IP socket connection to a server, the client typically connects to a specific port on...
  • Blog Post: Binding Linux as NIS client and slave to Windows NIS Master

    To configure Linux as NIS client to Windows NIS master (Binding Linux as NIS client to Windows 2008 DC, NIS Master) Configuring Linux as NIS client: File that needs to be configure on the Linux side: 1. Edit the # /etc/yp.conf file and put the entry below domain linuxlab server rhel1.sfu...
  • Blog Post: Using Identity Management for UNIX effectively - Part I

    When using Identity Management for UNIX; we change active directory user password; we expect the related UNIX attributes to be changed promptly. There is couple of conditions that needs to be fulfilled. I am going to discuss all these in detail. To start with let’s check the UNIX related attributes...
  • Blog Post: Unable to run the NISMAP command on a DC from a non admin credentials

    We had a scenario where the customer was looking for a option to run the nismap command on a DC using non admin credentials to populate entries in the auto_home NIS map. Hence to run the nismap add command we tried delegating full control to the non admin user on the following containers: ...
  • Blog Post: Using Identity Management for UNIX effectively - Part II

    In this post let’s take a looks around managing UNIX related attributes. Once we install Server for NIS and related components on a domain controller the User, Group and Computer objects gets a separate property page – UNIX Attributes. ...
  • Blog Post: A simple script to manage UNIX related attributes in Windows 2003 R2

    Migrating an existing environment running on Services for UNIX 3.5 to Windows 2003 R2 or above is very common these days. Generally we need to copy the values of the attributes for SFU 3.5 to the new attributes. In one of my earlier post I mentioned the difference in names of the attributes that has...
  • Blog Post: I cannot see “Unix attribute” tab even after installing IdMU

    I cannot see “Unix attribute” tab even after installing IdMU. It may happen that you cannot see Unix attribute tab in the users or groups properties even after installing IdMU. This may happen because of either of the two reasons: 1) nisprop.dll is not registered. 2) adminPropertyPages attribute...
  • Blog Post: LDAP calls made from the Unix client query incorrect login shell attribute

    Recently while working on an issue where we got an issue where the Users once logged into Linux client were getting incorrect login shell. Changing the Login Shell in Active Directory (from Unix Attribute Tab), did not work as the user were still getting default login Unix Shell. For example ==>...
  • Blog Post: Migrating Windows 2003 + SFU 3.5 and Server for NIS to Windows 2008 R2

    Most of the domain controllers running on Windows 2003 and serving purpose of Server for NIS for *NIX systems are getting upgraded to Windows 2008 R2 these days. This needs some additional steps to be performed as Services for UNIX 3.5 no longer available on Windows 2008 R2 (as SFU 3.5 does not have...
  • Blog Post: Manage UNIX related attribute w/o installing Server for NIS or through script in windows 2008

    We do get a lot of customer who would like to manage the UNIX related attribute from ADUC. This can be done once we install Server for NIS which creates a new tab “Unix attribute tab”. UNIX related attributes can be managed (populated/ updated) from this tab. But then customers do have reservation installing...
  • Blog Post: “ypcat command does not list complete list of user…”

    We got an issue from a customer where he said that there is a mismatch between the Number of users in his environment and the user present in the output of ypcat. To start off with, we started collected different sets of output from the dsquery command: The command below will populate the...
  • Blog Post: Command line installation of IDMU component in Windows 2012

    This article discuss on the steps required to install IDMU component using DISM on WIndows 2012. You can find more informaiton on DISM on the Blog . Looking for the GUI based installation through role and features may get complex at times. Hence this blog, discuss on the simple steps through command...
  • Blog Post: Running nismap.exe with –y parameter creates a map with “.” instead of “_”

    “nismap.exe” does not create the map name as expected when using the –y parameter. Below is an example of the attempt to use nismap.exe with –y to create the map named auto_home_svr_test: C:\temp>nismap.exe create -i 1 -g " " -s localhost -f "C:\Windows\IDMU\nis\nis2ad.log...
  • Blog Post: Managing Server for NIS properly - Part I

    Once we install Server for NIS on a domain controllers managing this service is one on the important task. The Identity Management for UNIX provided couple of useful tools to manage this service. In the c:\windows\idmu\common directory we have the following executables: 1. nisadmin 2. nismap...
  • Blog Post: Server for NIS service crashing at the startup

    We recently got an issue where the Server for NIS service was crashing at a startup. In the environment, customer had added W2K8 R2 based DC and installed IDMU in his existing W2K3R2 based IDMU setup. To begin with we tried checking if the numbers of available port are getting exhausted but that was...
  • Blog Post: I cannot modify UNIX attributes on a group

    I cannot modify UNIX attributes on a group This was an interesting issue where we were not able to modify the POSIX information in a group object in AD using the IdMU UNIX Attributes tab. Any attempts to perform this task would return the following error - Check your credentials. There...
  • Blog Post: Password changes made from AD are not getting synced to Unix for some users

    Recently we got a case where Password changes made for domain users were not getting synced to Unix NIS clients. The issue was only happening for couple of users and rests all users’ password changes were synced correctly. To begin with we checked the configuration made on the Windows and UNIX...
  • Blog Post: Server for NIS vs Winbind

    Recently I was working on a scenario to select the best solution to use for integrating *NIX systems in Active Directory. Primarily we discussed on using Winbind in comparison to Server for NIS. After running multiple tests and considering different factors; we reached to conclusions: Winbind turned...
  • Blog Post: Issues with Server for NIS

    Recently, we faced couple of issues with Server for NIS. The environment looks like: 2 Windows 2008 R2 as DC and HP UNIX as NIS client. The issue which the customer was facing was as below: · First issue: Users were unable to login from Unix clients using AD credentials · Second...