Copy the appropriate source binary file from \Unix\Bins on the
Windows Services for UNIX CD to /usr/bin or /usr/local/bin on the
UNIX computer, and change its name to ssod. The name of the source
binary file depends on the version of UNIX you are using.
If the computer is running Hewlett-Packard HP-UX version 11,
the source binary file name is ssod.h11.
If the computer is running Red Hat Linux version 7.0, the
source binary file name is ssod.l52.
If the computer is running Sun Microsystems Solaris version 7,
the source binary file name is ssod.so7.
If the computer is running IBM AIX version 4.3.3, the source
binary file name is ssod.a42.
Using a binary file-copy method such as File Transfer Protocol
(FTP) to avoid corrupting CR/LF (carriage-return/line-feed) pairs,
copy Sso.cfg from \Unix\Bins on the Windows Services for UNIX CD to
/etc on the UNIX computer, and change its name to sso.conf.
Open sso.conf with a text editor.
If you have changed the default encryption key, edit the
following line to specify the new default key. This value must
match the default key specified on all domain controllers with
which this computer will synchronize passwords:
ENCRYPT_KEY=encryptionKey
If you have changed the default port, edit the following line
to specify the new port. This value must match the port number
specified on all domain controllers with which this computer will
synchronize passwords.
PORT_NUMBER=portNumber
Edit the following line to specify one domain controller in
each Windows domain with which the computer is to synchronize
passwords. If you have specified a nondefault port number or
encryption key for the UNIX computer when configuring Password
Synchronization on the Windows domain controllers, specify that
value where indicated; otherwise, leave the value blank:
Each entry in the list must be enclosed by parentheses (the "("
and ")" characters) and separated from the next entry by a blank
space.
If the computer is a Network Information Service (NIS) or NIS+
master server, and if you want passwords to be synchronized
throughout the NIS domain, edit the following line as shown to
enable NIS synchronization:
USE_NIS=1
Also, if required, edit the following line to specify the
location of the NIS makefile:
NIS_UPDATE_PATH=makefilePath
Set the file permissions of sso.conf to read/write for the root
user only, and deny access to all other users.
Important
The sso.conf file contains encryption keys and other sensitive
information. For this reason, it must be accessible only by system
administrators.
Notes
Password Synchronization supports one-way (Windows-to-UNIX)
synchronization with UNIX computers running any of the following
operating systems:
Hewlett-Packard HP-UX version and 11
IBM AIX version 4.3.3
Red Hat Linux version 7.0
Sun Microsystems Solaris version 7 running on SPARC-based
computers
This daemon program must be installed on the computer running
UNIX to enable Password Synchronization to change users' passwords
on that computer.
