HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

421

422

423

424

425

426

427

428

429

430

NOTE:

A synchronization agreement needs to be configured for both kinds of unidirectional synchronization.

To only synchronize Directory Server entries, then do not set the Active Directory sync attributes in

the sync agreement. Likewise, to only synchronize Active Directory over to Directory Server, do

not add any sync attributes to Directory Server entries.

9.9 Password sync service

The Password Sync Service must be installed on every Active Directory domain controller. The

service synchronizes password changes made on Active Directory with the corresponding entries'

passwords on the Directory Server. Like any Windows service, it can be modified, started and

stopped, and uninstalled, depending on how synchronization between Directory Server and Active

Directory changes.

9.9.1 Modifying password sync

To reconfigure Password Sync, open the Windows Services panel, highlight Password Sync, and

select Modify. This goes back through the configuration screens.

9.9.2 Starting and stopping the password sync service

The Password Sync Service is configured to start whenever the Active Directory host is started. To

reconfigure the service so that it does not start when Windows reboots:

1. Go to the Control Panel, and select Services.

2. Scroll through the list of services for the Password Sync Service. The Startup field is set to

Automatic.

3. Double-click on Password Sync.

4. Select the Manual radio button, then click OK.

To start and stop Password Sync:

1. Go to the Control Panel, and select Services.

2. Scroll through the list of services for Password Sync, and right-click on it.

3. Select Stop or Start, and click Okay.

Changed passwords are captured even if Password Sync is not running. If Password Sync is

restarted, the password changes are sent to Directory Server at the next synchronization.

9.9.3 Uninstalling password sync service

To uninstall the Password Sync Service:

1. Open the Add/Remove Programs utility.

2. Select click remove to uninstall the Password Sync Service.

3. If SSL was configured for the Password Sync, then the cert8.db and key3.db databases

that were created are not removed when Password Sync is uninstalled. Delete these files by

hand.

9.10 Troubleshooting synchronization problems

If synchronization does not seem to be functioning properly, see the Windows event log and/or

Directory Server errors log for information on any potential problems.

Enable replication logging for more detailed information on synchronization to be recorded in the

errors log. Replication log levels produces more verbose logs from the sync code that can help in

diagnosing problems.

9.9 Password sync service 425