Adding or removing computers for synchronization

In addition to adding a UNIX-based computer to the list of UNIX-based computers participating in password synchronization, if you want to change the user's password on the UNIX computer when the corresponding Windows user's password is changed, you must install the Password Synchronization single sign-on daemon (SSOD) on the UNIX-based computer. For more information, see Install the Password Synchronization daemon on UNIX-based computers.

If you want to change the Windows user's password when the corresponding UNIX-based computer user's password is changed, you must install the pluggable authentication module (PAM) on the UNIX-based computer. For more information, see Install the Password Synchronization pluggable authentication module.

Adding a computer for synchronization

To add a computer for synchronization
  1. Open the Identity Management for UNIX management console by clicking Start, pointing to Administrative Tools, and then clicking Microsoft Identity Management for UNIX.

    You can also open the Identity Management for UNIX management console from within Server Manager, by expanding Roles and then Active Directory Domain Services in the hierarchy pane, and then selecting Microsoft Identity Management for UNIX.

  2. If necessary, connect to the computer you want to manage by using the procedure in Connect to another computer you want to manage.

  3. In the hierarchy pane, under the Password Synchronization node, click UNIX Computers, and then do one of the following.

    • Right-click UNIX Computers, and then click Add Computer.

    • Click Add Computer in the Actions pane.

    • On the Action menu, click Add Computer.

  4. In the Computer name text box of the Add Computer dialog box, provide the name or IP address of a UNIX-based computer.

  5. In the Direction of password synchronization area, select the direction of password synchronization for this computer.

  6. If necessary, specify a different encryption key than the default key, or click Generate key to have Password Synchronization generate a new key for synchronization with this computer.

  7. If necessary, change the port number this computer monitors for password changes. The default is 6677.

  8. Click OK.

Removing a computer from synchronization

To remove a computer from synchronization
  1. Open the Identity Management for UNIX snap-in by clicking Start, pointing to All Programs, and then clicking Identity Management for UNIX.

  2. If necessary, connect to the computer you want to manage by using the procedure in Connect to another computer you want to manage.

  3. In the hierarchy pane, under the Password Synchronization node, click UNIX Computers.

  4. In the results pane, select the UNIX-based computer that you want to remove from synchronization.

  5. With the computer selected in the results pane, do one of the following:

    • Right-click the computer, and then click Delete.

    • Click Delete in the Actions pane.

    • On the Action menu, click Delete.

  6. If you are certain you want to delete the computer from synchronization, click OK when prompted.

Note

To perform this task in the command line environment, see psadmin.