Using Microsoft password synchronization service

If you choose to use one of the password synchronization services provided by Microsoft instead of the Centrify Password Synchronization program, follow the instructions provided with the software to install the service. In general, you need to do the following to use the Microsoft password synchronization services:

  • Set the Windows domain to the domain you joined after installing the Centrify UNIX agent.
  • Set the NIS domain name to the zone name you specified when you joined the domain. For example, if you are using the default zone, set the NIS domain to default. Although you can set the NIS domain name to something other than the zone name when creating or modifying a zone’s properties, you must use the zone name for this setting if you use Microsoft password synchronization.
  • Set the NIS Server name to the host name of the computer running both the adclient and adnisd services.
  • Give user accounts access to the zone and NIS domain. If you are using the Microsoft Windows Services for UNIX, select the zone name from the list of NIS domains on the UNIX Attributes tab.

    The rest of the fields on the UNIX Attributes tab are not used by Centrify Authentication Service, Privilege Elevation Service, and Audit & Monitoring Service, but you are required to enter information for these fields to enable the NIS domain for the user. Therefore, you should specify a UID, Login shell, Home directory, and Primary group for the user account, then click OK.