Adding the UNIX ID Component to all Domain Controllers (For 2008R2)

Target

For customers who wish to synchronize user and password information from Windows Server 2008R2 Active Directory to HENNGE Access Control.

Purpose

For all the Windows Server 2008 R2 running in the Active Directory and requiring password to be synchronized to the HENNGE Access Control, all of the Active Directory Domain Controller will need to have the Unix ID Component Service/Feature enabled.
After this operation, the next time the password was reset, the password will be hashed and stored in the UnixUserPassword attribute and the hashed password can be synchronized to the HENNGE Access Control on cloud.

Caution

1. This operation requires the domain controller to be restarted at the end of the procedure.

2. All of the domain controller is required to perform this setup.

3. For the user within the domain, please ensure that this user has the [ Domain Admins ] or the [ Enterprise Admins ] permission to perform this procedure.

4. This article was last updated on 2019 March.

Procedures

1. Please go to "Server Manager" then go to "Roles", choose "Active Directory Domain Services"

Picture1.png

2. Click "Add role services" on the right side.

3.Ensure that “Server for Network Information Services”, “Password Synchronization” and “Administration Tools” under  Role Services have all been checked before continuing.

Picture2.png

4. Click "Install"

Picture3.png

5.Click "Close" button and restart the server to complete the installation process.

Picture4.png

6. Open the "Server Manager"

7. Click "Password Synchronization" and select "Properties".

Picture5.png

8.On "Encryption and decryption key", click "Generate key" button and click on "Configuration" tab.

 Picture6.png

9.Check "Enable" to activate Windows to NIS "Active Directory" password synchronization and click "OK" button.

Picture7.png

 10.Open Server Manager and click "Server for NIS", Right click on the server and select "UNIX Password Encryption".

Picture8.png

11.Select "md5" in "Encryption Scheme" and click "OK" button.

 Picture9.png

          
Was this article helpful?

Frequently Asked Questions (FAQs)