Services for UNIX |
Consider the following when implementing Services for UNIX Password Synchronization:
User Name and Password The user name and password must be exactly the same on the Windows-based and UNIX-based computers that are configured together for password synchronization. Both the user name and the password are case-sensitive.
Domain Controllers If Services for UNIX Version 1.0 for Windows NT 4.0 is installed, all Windows NT domain controllers need to have Services for UNIX installed with Password Synchronization. If Services for UNIX is installed only on the primary domain controller (PDC) and it goes down, then a backup domain controller (BDC) will be promoted to a PDC. If this domain controller does not have Services for UNIX with Password Synchronization installed, then the password database can get out of synchronization.
Password Changes After password synchronization is implemented, the UNIX system password need not be changed. If a UNIX password is changed, it is overwritten by the next change to the Windows password.
Synchronization Method All computers within a UNIX pod must use the same password synchronization method, secured or unsecured. A UNIX pod is a group of UNIX-based computers, one of which successfully receives an updated password from Windows NT.
NIS/NIS+ and Password Synchronization Services for UNIX does not support password updates to NIS or NIS+ using rlogin, so use the secured password synchronization method with UNIX computers that use NIS or NIS+ for managing system-independent information such as login names and passwords.
NIS and Password Change Propagation If an NIS domain is used as a password synchronization mode, Services for UNIX updates the NIS/NIS+ domain master, which propagates the changes to the NIS/NIS+ slave servers.
Installing the ssod Daemon If secured password synchronization is being used, the ssod daemon included with the Services for UNIX product CD must be installed on every UNIX-based computer in the pod.
Unsecured Password Synchronization If unsecured password synchronization is being used, the files /etc/hosts and .rhosts on the UNIX-based computers in the pod must be correctly configured so that rlogin can access the passwd command as a root logon. In addition, the file /etc/default/login on Sun Sparcstations must be modified and the console-only root logon must be disabled.