Microsoft KB Archive/324073

= HOW TO: Configure the User Name Mapping Service =

Article ID: 324073

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows XP Professional
 * Microsoft Windows NT 4.0 Service Pack 6a
 * Microsoft Windows NT Workstation 4.0 Developer Edition

-



This article was previously published under Q324073



IN THIS TASK
SUMMARY
 * Install the User Name Mapping Service
 * Configure the User Name Mapping Service

REFERENCES



SUMMARY
UNIX-based domains and Windows-based domains have different user identities and group identities, even if the user names are the same. You can use the User Name Mapping service to map Windows security identifications (SIDs) to UNIX user identifications (UIDs) and UNIX group identifications (GIDs). This is true whether the user names are the same or different. Additionally, you can use the User Name Mapping service to map multiple Windows accounts to a single UNIX account. This simplifies the account management process for administrators who must provide Windows users with UNIX resources during the migration.

back to the top

Install the User Name Mapping Service
Because Microsoft Windows Services for UNIX version 3.0 uses Microsoft Installer for installation, you can install individual modules of the product from the command prompt. If you have installed previous components of Windows Services for UNIX, you must include them in the addlocal parameter of the installation command (separated by commas). Otherwise you remove the previous components when you install the User Name Mapping service. You must install one or more User Name Mapping servers on your network to support User Name Mapping functions in Interix, in Client for UNIX Network File Service (NFS), in Server for NFS, and in Gateway for NFS.

To install the User Name Mapping service from the command prompt:  Log on with an administrative-level account to a Windows-based computer. To open a command prompt, click Start, click Run, type cmd, and then click OK. Insert the Windows Services for UNIX version 3.0 CD into the CD-ROM drive (in this example, drive D). To install the User Name Mapping service, type msiexec /I D:\sfusetup.msi /qb addlocal=&quot; Mapsvc&quot; [targetdir=&quot; &quot;] at the command prompt, and then press ENTER.

NOTE: By default, the installation path is &quot;\SFU&quot;. To include the Product Key as part of the command, type pidkey=&quot; &quot;, and then press ENTER, where  is the 25-character product key.

NOTE: You do not have to restart computers that are running Windows 2000 or Windows XP after the installation has been completed.

If you install from a telnet prompt or by means of a script, where no graphic user interface (GUI) is available, type or paste the following command to complete the installation without any additional interaction from the user, and then press ENTER:

msiexec /I D:\sfusetup.msi /q addlocal=&quot; Mapsvc &quot; pidkey=&quot;key&quot; [targetdir=&quot;install path&quot;]



NOTE: To prevent problems with some components of Windows Services for UNIX, you must install Windows Services for UNIX in a folder without spaces in the path. The addlocal parameter of the Msiexec.exe program that is shown in steps 4 and 5 is case-sensitive and space-sensitive. To correctly install the User Name Mapping service, you must type the case and spacing exactly as they are shown in this example.

back to the top

Configure the User Name Mapping Service
You can configure the User Name Mapping service either through the Windows Services for UNIX Administration Microsoft Management Console (MMC) or through the Mapadmin.exe utility at the command prompt. Because of the built-in abilities of the Interix subsystem, you can easily script even complex maps through the Mapadmin.exe utility. For example, you can create a simple script that reads a text-file list of Windows users and maps them to a corresponding list of UNIX users.

The basic format of the Mapadmin.exe command is

mapadmin [server] [-u user [-p pword]]

where  include the following: Options         Details --  -- blank            Returns the information about the current configuration config          Sets the configuration options start           Starts the User Name Mapping service on the specified server (by default, the local computer is used) stop            Stops the User Name Mapping service on the specified server (by default, the local computer is used) add             Adds a mapping, either user or group setprimary      Sets the primary user or group mapping delete          Deletes a mapping list            Displays information about current user and group mappings backup          Creates a backup of current mappings to a text file restore         Restores a previously backed-up user name mapping file adddomainmap    Adds a simple map between the Windows domain and the NIS domain or PCNFS passwd and group files listdomainmaps  Lists the Windows domains that are mapped to PCNFS files or NIS domains To configure mapping between Windows domain MSFT and PCNFS:  Log on with an administrative-level account to a Windows-based computer.</li> To open a command prompt, click Start, click Run, type cmd, and then click OK.</li> At the command prompt, type or paste the following command, and then press ENTER:

mapadmin adddomainmap -d MSFT -f c:\etc.

NOTE: In this example, the passwd and group files are located in the c:\etc folder.</li></ol>

To start the User Name Mapping service:  Log on with an administrative-level account to a Windows-based computer.</li> To open a command prompt, click Start, click Run, type cmd, and then click OK.</li> At the command prompt, type or paste the following:

mapadmin start

</li></ol>

To add a user map between a Windows user (in this example, &quot;MSFT\RLJones&quot;) and a UNIX user (in this example, &quot;rlj&quot;):  Log on with an administrative-level account to a Windows-based computer.</li> To open a command prompt, click Start, click Run, type cmd, and then click OK.</li> At the command prompt, type or paste the following command, and then press ENTER:

mapadmin add -wu MSFT\RLJones -uu PCNFS\rlj

</li></ol>

NOTE: The Mapadmin.exe backup files and restore files are pure ASCII text, but the passwords that they include are encrypted. In Mapadmin.exe, you must type a full path for the backup-file destination.

back to the top

<div class="references_section">