Implementation Guide › Installing and Customizing a UNAB Host › How to Implement Full Integration Mode › Users and Groups Migration › How Migration Works
How Migration Works
When you start the migration process on a UNIX host, UNAB performs the following tasks:
- Retrieves the list of local users and NIS/NIS+ users.
Inspects Active Directory for each user name on the list and does one of the following for each user:
- If the user exists in Active Directory and the user UNIX attributes are identical to the attributes that appear in the UNIX host, the user account is migrated.
- If the user exists in Active Directory and several of the user UNIX attributes are missing, UNAB does not migrate the user and logs the missing properties.
- If the user exists in Active Directory and the user does not have any UNIX attributes, UNAB migrates the user and adds the missing attributes.
- If the user does not exist in Active Directory, UNAB does not create the user account in Active Directory.
- Retrieves the list of local groups and NIS/NIS+ groups.
Inspects the Active Directory for the groups name and for each group does one of the following:
- If the group exist in Active Directory and the group UNIX attributes are identical to the attributes of the UNIX host, the group is migrated.
- If the groups exist in Active Directory and the group ID is different to the ID on the UNIX host, UNAB does not migrate the group including its members to Active Directory.
- If the group exists in Active Directory and the group IDs are identical but several UNIX attributes are missing, UNAB migrates the group to Active Directory and completes the missing attributes.
- If the group does not exist in Active Directory, UNAB creates a group and migrates the groups to Active Directory.
Note: You cannot migrate a user or group if a user or group with the same name exists in Active Directory. For example, if you try to migrate a group named g1, but a user named g1 exists in Active Directory, UNAB cannot migrate the group.
Note: If you select to migrate the root user to Active Directory, the root account is authenticated locally and in Active Directory on login. As a result, you can experience a long authentication process.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|