KnowledgeBase Archive

An Archive of Early Microsoft KnowledgeBase Articles

View on GitHub

Q229082: Password Synchronization Using Rlogin May Not Work with UNIX

Article: Q229082
Product(s): Microsoft Windows NT
Version(s): ; winnt:4.0
Operating System(s): 
Keyword(s): 
Last Modified: 10-AUG-2001

-------------------------------------------------------------------------------
The information in this article applies to:

- Microsoft Windows NT Services for UNIX Add-On Pack 
- Microsoft Windows NT Server version 4.0 
-------------------------------------------------------------------------------

SYMPTOMS
========

When you synchronize a password on a UNIX host using an rlogin session with the
Services for UNIX (SFU) password synchronization feature, password
synchronization may not be successful.

CAUSE
=====

This behavior occurs because the expected new password and password confirmation
prompts in Windows NT are hard coded within the password synchronization feature
and cannot be changed from the user interface or within the registry. The UNIX
host to which a password is synchronized must send specific prompts to the
Windows NT host when prompting for the new password.

When the Windows NT password synchronization server opens an rlogin session to a
UNIX host to synchronize a password, it issues the password change command
specified within the Password Synchronization Administration tool to request a
password change for a specified user. The default command is "passwd" (without
the quotation marks). The password synchronization server then expects a prompt
back from the UNIX host for the password. That prompt must be "New password:"
(without the quotation marks). The password synchronization server then sends
the new password and waits for the password confirmation prompt from the UNIX
host. That prompt must be "Re-enter new password:" (without the quotation
marks). The password synchronization server waits until the UNIX host returns a
command prompt before recording a successful password change.

NOTE: The default password confirmation prompts that are generated by the passwd
command in AIX version 4.2.1 are known to cause rlogin password synchronization
to be unsuccessful.

RESOLUTION
==========

To work around this problem, modify the password command on the UNIX host to
specify the password change prompts required by the SFU password synchronization
feature.

STATUS
======

Microsoft has confirmed this to be a problem in the Microsoft products that are
listed at the beginning of this article.

MORE INFORMATION
================

You can use the password synchronization feature to synchronize a user's Windows
NT password with that same user's password on a UNIX-based computer. As a
result, a user only needs to remember one password.

Whenever the user changes the password on the Windows NT computer, the update is
sent to each UNIX pod (a group of UNIX computers designated to receive password
synchronization updates from a computer running Windows NT Server). Any changes
made to the Windows NT password are propagated to one UNIX host in each pod. The
password changes can be sent from the Windows NT computer to the UNIX host as
clear text using an rlogin session.

Additional query words:

======================================================================
Keywords          :  
Technology        : kbWinNTsearch kbWinNT400search kbWinNTSsearch kbWinNTS400search kbWinNTS400 kbWinNTServicesUnix
Version           : :; winnt:4.0
Issue type        : kbbug
Solution Type     : kbnofix

=============================================================================

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Copyright Microsoft Corporation 1986-2002.