Password Synchronization Using Rlogin May Not Work with All Versions of UNIX

ID: Q229082


The information in this article applies to:


SYMPTOMS

When you synchronize a password on a UNIX host using an rlogin session with the Services for UNIX (SFU) password synchronization feature, password synchronization may not be successful.


CAUSE

This behavior occurs because the expected new password and password confirmation prompts in Windows NT are hard coded within the password synchronization feature and cannot be changed from the user interface or within the registry. The UNIX host to which a password is synchronized must send specific prompts to the Windows NT host when prompting for the new password.

When the Windows NT password synchronization server opens an rlogin session to a UNIX host to synchronize a password, it issues the password change command specified within the Password Synchronization Administration tool to request a password change for a specified user. The default command is passwd. The password synchronization server then expects a prompt back from the UNIX host for the password. That prompt must be New password:. The password synchronization server then sends the new password and waits for the password confirmation prompt from the UNIX host. That prompt must be Re-enter new password:. The password synchronization server waits until the UNIX host returns a command prompt before recording a successful password change.

NOTE: The default password confirmation prompts that are generated by the passwd command in AIX version 4.2.1 are known to cause rlogin password synchronization to be unsuccessful.


RESOLUTION

To work around this problem, modify the password command on the UNIX host to specify the password change prompts required by the SFU password synchronization feature.


STATUS

Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article.


MORE INFORMATION

You can use the password synchronization feature to synchronize a user's Windows NT password with that same user's password on a UNIX-based computer. As a result, a user only needs to remember one password.

Whenever the user changes the password on the Windows NT computer, the update is sent to each UNIX pod (a group of UNIX computers designated to receive password synchronization updates from a computer running Windows NT Server). Any changes made to the Windows NT password are propagated to one UNIX host in each pod. The password changes can be sent from the Windows NT computer to the UNIX host as clear text using an rlogin session.

Additional query words:


Keywords          : 
Version           : :; winnt:4.0
Platform          : winnt 
Issue type        : kbbug 

Last Reviewed: June 21, 1999