NoteHKLM\SOFTWARE\Microsoft\PswdSync\Domains\<pod-name>
| Data type | Range | Default value |
|---|---|---|
| REG_SZ | Windows NT user group | PasswordPropAllow |
Limits password synchronization to users in a specified user group.
When the name of a Windows 2000 user group defined in your system appears in the value of this entry, the service synchronizes passwords only for users in that group. This entry lets you limit password synchronization only to users who log on to UNIX computers regularly.
If the value of this entry does not contain the name of a existing user group and the default group, PasswordPropAllow, does not exist in your system, all of the system's users are considered to be clients and the service synchronizes all of their passwords. (If the system is running on a stand-alone computer, the service synchronizes the passwords of all local users. If the system is running on a domain controller, the service synchronizes the passwords of all users in the domain.)
Note
This entry does not appear in the registry unless you use the Password Synchronization Administrator to change the default value.
Tip
If only a small subset of domain users need to have synchronized passwords, use PropAllowGroup, to identify that group of users. If all but a few users need to have synchronized passwords, use PropDenyGroup to identify the group of excluded users.
To create a Windows user group, use Active Directory Users and Computers.
Related Entries
