Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
IDMU Password Synchronisation Windows2008 R2

Unanswered IDMU Password Synchronisation Windows2008 R2

  • Thursday, January 17, 2013 9:05 AM
     
     
    Sign In to Vote
    0

    Good Morning,

    i have a problem regarding SFU attribute and password synchronisation.

    We already have in place 2 DC with W2K3 R2 with SFU and passwod synchronisation installed on. Every user have his own ID in Active Directory.

    When user change his windows password, it is automatically change on our aix node (we have 3 or 4 aix server who are NIS client)

    This is working for a long time.

    But My problem is : we have installed 2 news DC with w2K8 r2 and SFU + assword synch.

    But with these 2 dc, it seems that the password sync is not working. It is not changing our aix server (NIS Client).

    I can see this error in event viewer : ID 8245.= /// Password propagation failed. Either default encryption key is configured or no UNIX hosts are configured to propagate passwords.

    Do you an idea?


     

All Replies

  • Thursday, January 17, 2013 10:23 AM
     
     
    Sign In to Vote
    0

    If you are looking for Integrating AIX with Active Directory. have a look. It may help you.

    http://www.wmduszyk.com/?p=5655&langswitch_lang=en

    Best regards Biswajit Biswas Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin

     
  • Thursday, January 17, 2013 10:32 AM
     
     
    Sign In to Vote
    0

    thanks for the link, but it is not helping for the moment

    but thanks

     
  • Friday, January 18, 2013 2:13 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi,

    Make certain that Password Synchronization has been configured in accordance with guidelines in Best practices for Password Synchronization. Password policies in both the Windows and UNIX environments should have similar restrictions, and minimum requirements for character length and complexity of passwords should be as closely matched as possible.

    More information please refer to below links:

    Event ID 8245 — Windows to UNIX Password Synchronization Service -- Run-time Issues
    http://technet.microsoft.com/en-us/library/dd316251(v=ws.10).aspx

    http://kb.prismmicrosys.com/evtpass/evtpages/EventId_8245_Microsoft-Windows-IDMU-Psync_65253.asp

    Best practices for Password Synchronization
    http://technet.microsoft.com/en-us/library/cc784392(v=WS.10).aspx

    Hope it helps.

    Regards,
    Cicely

     
  • Friday, January 18, 2013 10:40 AM
     
     
    Sign In to Vote
    0

    Hi,

    unfortunatly i already read these articles.

    Our password policies are managed with GPO. And it is working for our 2 others DC in W2K3.

    I will continue....

    Thanks a lot