Install Identity Management for UNIX Components
Applies To: Windows Server 2003 R2
Identity Management for UNIX is considered a role service, or a software subcomponent, of the Active Directory Domain Services (AD DS) server role.
To install Identity Management for UNIX components
Installing Identity Management for UNIX by using the Windows interface
Installing Identity Management for UNIX by using a command line
Installing Identity Management for UNIX by using the Windows interface
Important
Server for NIS and Password Synchronization can be installed only on AD DS domain controllers.
To install Identity Management for UNIX components
Open Server Manager.
In the Roles section, in the list of common tasks, click Add Role Services.
On the Select Role Services page of the Add Role Services Wizard, select the Identity Management for UNIX role services you want to install, and then click Next.
If the wizard prompts you to install any other role services required by Identity Management for UNIX components, click Yes.
After verifying your selections on the Confirm Installation Selections page, click Install.
Note
You must be a member of the Administrators group on the local computer to install Identity Management for UNIX components.
Server Manager is available only to members of the Administrators group on the local computer. By default, Server Manager opens when an administrator logs on to the computer. You can open Server Manager from the Start menu, the Quick Launch toolbar, or from within Administrative Tools.
Installing Identity Management for UNIX by using a command line
Server Manager command line tools allow you to install or remove roles, role services, or features in a Windows Command Prompt. Identity Management for UNIX can be installed by using the Server Manager line command because it is a role service of the Active Directory Domain Services role.
You can run the Server Manager line command, ServerManagerCmd.exe, from within any directory on the local computer. You must be a member of the Administrators group on the local computer to run the Server Manager command.
Important
Because of security restrictions imposed by User Account Control in Windows Server 2008, you must run ServerManagerCmd.exe in a Command Prompt window opened with elevated privileges. To do this, right-click the Command Prompt executable, or the Command Prompt object on the Start menu, and then click Run as administrator.
Note
Other parameters are available for this command, such as -restart, which automatically restarts the computer after installation if it is required by the programs you have installed. It is recommended that you read about additional Server Manager command line parameters in the topic "Overview of Server Manager Commands" in the Server Manager Help.
To install Identity Management for UNIX by using a command line
In a Command Prompt window opened with elevated privileges, type one of the following and press ENTER.
ServerManagerCmd.exe -install ADDS-Identity-Management to install all of Identity Management for UNIX
ServerManagerCmd.exe - install ADDS-NIS to install Server for NIS
ServerManagerCmd.exe - install ADDS-Password-Sync to install Password Synchronization
ServerManagerCmd.exe -install ADDS-IDMU-Tools to install the administration tools for Identity Management for UNIX
Note
Add the -whatIf parameter to your command to instruct Server Manager to show the list of all software that is installed by default as a result of the command.
Special considerations for installing or removing Server for NIS
The NIS domain
Upon installation, Server for NIS creates a Network Information Service (NIS) domain with the same name as the AD DS domain. Administrators can add users, groups, or computers to this domain. Moreover, administrators can migrate UNIX NIS domain data to Server for NIS and designate the Server for NIS computer as the master NIS server for the migrated domain.
Removing Server for NIS in master mode
If you remove Server for NIS while it is running on a master server, you must verify that another server is assigned the tasks of the master server. If other Windows-based subordinate NIS servers are in the domains supported by the master server you remove, you must assign one of these servers the role of master server. Server for NIS cannot be a subordinate server to a master NIS server running on a UNIX-based operating system.
Removing Server for NIS in subordinate mode
If you remove Server for NIS while it is running as a subordinate server, the domain controller on which it was running will continue to receive NIS map updates through AD DS Synchronization.
Additional Configuration
Server for NIS and Password Synchronization require some additional configuration before they can operate in your enterprise. Password Synchronization requires the installation of specific components on UNIX hosts that will participate in password synchronization.
For more information about additional configuration steps, see the Checklists for these technologies: