DOCUMENT:Q229082 10-AUG-2001 [winnt] TITLE :Password Synchronization Using Rlogin May Not Work with UNIX PRODUCT :Microsoft Windows NT PROD/VER::; winnt:4.0 OPER/SYS: KEYWORDS: ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Windows NT Services for UNIX Add-On Pack - Microsoft Windows NT Server version 4.0 ------------------------------------------------------------------------------- SYMPTOMS ======== When you synchronize a password on a UNIX host using an rlogin session with the Services for UNIX (SFU) password synchronization feature, password synchronization may not be successful. CAUSE ===== This behavior occurs because the expected new password and password confirmation prompts in Windows NT are hard coded within the password synchronization feature and cannot be changed from the user interface or within the registry. The UNIX host to which a password is synchronized must send specific prompts to the Windows NT host when prompting for the new password. When the Windows NT password synchronization server opens an rlogin session to a UNIX host to synchronize a password, it issues the password change command specified within the Password Synchronization Administration tool to request a password change for a specified user. The default command is "passwd" (without the quotation marks). The password synchronization server then expects a prompt back from the UNIX host for the password. That prompt must be "New password:" (without the quotation marks). The password synchronization server then sends the new password and waits for the password confirmation prompt from the UNIX host. That prompt must be "Re-enter new password:" (without the quotation marks). The password synchronization server waits until the UNIX host returns a command prompt before recording a successful password change. NOTE: The default password confirmation prompts that are generated by the passwd command in AIX version 4.2.1 are known to cause rlogin password synchronization to be unsuccessful. RESOLUTION ========== To work around this problem, modify the password command on the UNIX host to specify the password change prompts required by the SFU password synchronization feature. STATUS ====== Microsoft has confirmed this to be a problem in the Microsoft products that are listed at the beginning of this article. MORE INFORMATION ================ You can use the password synchronization feature to synchronize a user's Windows NT password with that same user's password on a UNIX-based computer. As a result, a user only needs to remember one password. Whenever the user changes the password on the Windows NT computer, the update is sent to each UNIX pod (a group of UNIX computers designated to receive password synchronization updates from a computer running Windows NT Server). Any changes made to the Windows NT password are propagated to one UNIX host in each pod. The password changes can be sent from the Windows NT computer to the UNIX host as clear text using an rlogin session. Additional query words: ====================================================================== Keywords : Technology : kbWinNTsearch kbWinNT400search kbWinNTSsearch kbWinNTS400search kbWinNTS400 kbWinNTServicesUnix Version : :; winnt:4.0 Issue type : kbbug Solution Type : kbnofix ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 2001.