To install the Password Synchronization daemon

  1. Copy the appropriate source binary file from \Unix\Bins on the Windows Services for UNIX CD to /usr/bin or /usr/local/bin on the UNIX computer, and change its name to ssod. The name of the source binary file depends on the version of UNIX you are using.
  2. Using a binary file-copy method such as File Transfer Protocol (FTP) to avoid corrupting CR/LF (carriage-return/line-feed) pairs, copy Sso.cfg from \Unix\Bins on the Windows Services for UNIX CD to /etc on the UNIX computer, and change its name to sso.conf.
  3. Open sso.conf with a text editor.
  4. If you have changed the default encryption key, edit the following line to specify the new default key. This value must match the default key specified on all domain controllers with which this computer will synchronize passwords:
  5. ENCRYPT_KEY=encryptionKey

  6. If you have changed the default port, edit the following line to specify the new port. This value must match the port number specified on all domain controllers with which this computer will synchronize passwords.
  7. PORT_NUMBER=portNumber

  8. Edit the following line to specify one domain controller in each Windows domain with which the computer is to synchronize passwords. If you have specified a nondefault port number or encryption key for the UNIX computer when configuring Password Synchronization on the Windows domain controllers, specify that value where indicated; otherwise, leave the value blank:
  9. SYNC_HOSTS=(domainController[, portNumber [, encryptionKey]]) ...

    Each entry in the list must be enclosed by parentheses (the "(" and ")" characters) and separated from the next entry by a blank space.

  10. If the computer is a Network Information Service (NIS) or NIS+ master server, and if you want passwords to be synchronized throughout the NIS domain, edit the following line as shown to enable NIS synchronization:

    USE_NIS=1

    Also, if required, edit the following line to specify the location of the NIS makefile:

    NIS_UPDATE_PATH=makefilePath

  11. Set the file permissions of sso.conf to read/write for the root user only, and deny access to all other users.

Important

Notes

Related Topics

*

Understanding Password Synchronization

*

Using sso.conf to configure Password Synchronization on the UNIX computer

*

To start the Password Synchronization daemon

*

To install the pluggable authentication module (PAM) on Solaris

*

To install the pluggable authentication module (PAM) on Linux

*

To install the pluggable authentication module (PAM) on HP-UX

*

Windows Services for UNIX overview