Synchronizing user passwords
Server for NIS provides limited support for keeping passwords synchronized between a user's Windows and UNIX accounts.
If Server for NIS is installed in a Windows domain with multiple domain controllers, it is recommended that you install Password Synchronization on all domain controllers in the domain. This is because any domain controller can potentially respond to a request to change a user's password, and so it is recommended that Password Synchronization be running on that domain controller to ensure that the NIS passwd map is updated. If you install Password Synchronization on a domain controller solely to support Server for NIS in this fashion, it is not necessary to configure UNIX hosts to work with Password Synchronization running on the domain controller.
When synchronizing passwords, Server for NIS can use either crypt or Message Digest 5 (MD5). Server for NIS can support different encryption methods for multiple domains, but all UNIX computers in a particular domain must use the same encryption method. See Set the encryption method for a domain for more information about how to specify the encryption method.