SUMMARY

When you migrate from Apache and UNIX to Windows and Internet Information Services (IIS), you must migrate user authentication information. This article describes how to migrate most of the Apache-based user and group information to Windows.

back to the top

Migrating File-Based User and Group Data

If you are using Apache or httpd password files under Apache and UNIX or if you are using the UNIX authentication system (/etc/passwd), the user and group information is stored in a simple text file. You must create all users under Windows in the Windows 2000 folder, as if the user is a standard user. However, if you perform this task manually, it may take a long period of time.

You can use the addusers command, which is part of the Windows 2000 Resource Kit, to automatically create a number of users and groups based on the information in a text file. The format of the file is a little different from the file that is used by Apache; therefore, you must copy the existing files to a new text file before you use the file with the addusers command.

The file uses the Windows .ini file format, which means that the file is logically split into sections by [section] headers. Data in each section is separated by commas. The following text is an example of the users section in this file:

Unfortunately, you must reset the password information unless you have a copy of the unencrypted password as part of your Web site. Additional sections are [Global] for global groups (the groups that are propagated through Active Directory to other hosts) and [Local] for groups that are local to the current computer.

The following text is an example of the format for these sections:

Note that lines in this section must end with a comma (,). The following text is an example of the file that you use to create two users and a global group:

back to the top

Importing Users and Groups from a UNIX System

1. Log on to the Web server computer as an Administrator.
2. Log on to the UNIX host as a root or as a user who has permissions to access the Apache user databases.
3. On the UNIX host, copy the information from the Apache files to a new text file of the correct format (as described earlier in this article).
   
   NOTE: Password information cannot be migrated.
4. Log on to the Windows host, click Start, point to Programs, point to Accessories, and then click Command Prompt.
5. Use FTP to transfer the file from the UNIX host to the Windows computer.
   
   NOTE: Use ASCII format, not binary format to transfer the file.
6. Type the following text:

   addusers /c users.txt /p:e

   When you use the /c parameter, the addusers command creates the users and groups in the file.
   
   When you use the /p parameter, the addusers command sets password rights for the users that are created. The following list includes all of the options for this argument:

   • l: Users do not have to change passwords at next logon.
   • c: Users cannot change passwords.
   • e: Passwords never expire. (This option implies the l option).
   • d: Accounts disabled.

back to the top

Migrating NIS Data

If you are using Network Information Service (NIS) servers to hold the user information that is used to authenticate users in Apache, Microsoft recommends that you consider migrating the NIS data to the NIS Server by using the Windows Services for UNIX program kit. As part of the migration process, NIS data is migrated to Windows 2000 Active Directory. Existing UNIX platforms can continue to use the NIS data that is provided and Windows 2000-based servers can use the Active Directory-based information for authenticating users.

back to the top

Using the IIS Migration Wizard

You can use the IIS Migration Wizard to migrate data and user and group information for a Web site from a UNIX and Apache host to Windows 2000 and IIS.

back to the top