Identity Management for UNIX feature removed in Server 2012 R2

  • 400 Views
  • Last Post 23 July 2019
SmitaCarneiro posted this 28 January 2014

Our current setup is like this: We have a centralized account management system which runs on UNIX. It pushes new users accounts, groups, group membership and passwords to Active Directory. Server 2008 R2 running at 2003 forest level. Each domain controller has a custom module installed that enables the UNIX machine to push information to AD. The Identity Management for UNIX feature is also installed on the domain controllers, and this is used to push password changes from the Windows side to the UNIX.   We are planning on having a new domain with Server 2012 R2, but this  version does not have the Identity Management for Unix feature.   Has anyone else experienced this same issue? I’ve done some searching for alternatives but found nothing. I may have to write a script to do this and am looking for any pointers.   Thanks in advance,   Smita Carneiro, GCWN Active Directory Systems Engineer IT Security and Policy Ross Enterprise Center 3495 Kent Avenue, Suite 100 West Lafayette, IN 47906    

Order By: Standard | Newest | Votes
Salman posted this 28 January 2014

I know one tool named GroupID Synchronize which actually look for a source database and push the changes in various open ldap directories including Windows AD.


Thanks,
Salman Younis | IT Consultant

Convergence Resources Inc.
www.corespl.com
Phone: (647) 867-5433

show

barkills posted this 28 January 2014

Smita, if you are using the Grouper toolkit (http://www.internet2.edu/products-services/trust-identity-middleware/grouper/), then I believe the UW is planning

to contribute our AD synchronization code to that project. The basic architecture is:

Group RESTful web service          -> Grouper         -> Message Bus (we are now using Amazon, but have previously used ActiveMQ, and you could snap in Azure

with some minor code work)     -> AD Sync Agent             -> AD

 

The message bus extension allows Grouper to distribute group change messages to a variety of environments. We currently are syncing with both AD (which in turn

goes to Azure AD) and Google Apps for Education. The AD Sync Agent uses the System.DirectoryServices framework.

 

 

Unlike most of the other group management tools out there, Grouper is open-source and free. And it's feature set is richer than most of the others (what other

solution out there has group math in it?)

 

Contact me off-list if Purdue would like more details on the AD code. :)

 

show

msch posted this 17 July 2019

P.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

LI.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

DIV.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

TABLE.ImprintUniqueIDTable {

MARGIN: 0cm 0cm 0pt

}

DIV.Section1 {

page: Section1

}

P.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

LI.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

DIV.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

TABLE.ImprintUniqueIDTable {

MARGIN: 0cm 0cm 0pt

}

DIV.Section1 {

page: Section1

}















Have a look at




https://support.microsoft.com/en-us/help/4503290/windows-8-1-update-kb4503290




which caused it and was then solved with




https://support.microsoft.com/en-us/help/4508773/windows-8-1-update-kb4508773











Sent from mobile








show

kbeahm posted this 23 July 2019

P.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

LI.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

DIV.ImprintUniqueID {

MARGIN: 0cm 0cm 0pt

}

TABLE.ImprintUniqueIDTable {

MARGIN: 0cm 0cm 0pt

}

DIV.Section1 {

page: Section1

}















I apologize for the delay in my reply.  This was exactly what I needed.  Thank you.

 







Keith

D. Beahm


Messaging and Storage Architect



STINSON LLP


1201 Walnut Street, Suite 2900


Kansas City,

MO

64106-2150


Direct: 816.691.3374  \  Mobile:

816.808.8983



STINSON.COM


show

Close