Microsoft KB Archive/216639

= Controlling Password Synchronization in Services for UNIX Using the PasswordPropAllow and PasswordPropDeny Local Groups =

Article ID: 216639

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Windows NT Services for UNIX Add-On Pack
 * Microsoft Windows NT Server 4.0 Standard Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition

-



This article was previously published under Q216639



SUMMARY
You can control which users' passwords are synchronized to the UNIX pods by the Password Synchronization service. This is done by creating and populating the PasswordPropAllow and PasswordPropDeny local user groups on the Windows NT-based computer that is running the Password Synchronization service.



MORE INFORMATION
The Password Synchronization service uses the PasswordPropAllow and PasswordPropDeny groups to determine whether a user's password change should be propagated to the configured UNIX pods. If a user is in the PasswordPropAllow group and not in the PasswordPropDeny group, the user's password change is propagated to the UNIX pods.

By default, the PasswordPropAllow and PasswordPropDeny groups do not exist, and all users' password changes are propagated. Once one of these groups is created, password changes are propagated only for those users in the PasswordPropAllow group and not in the PasswordPropDeny group.

The PasswordPropAllow group should contain users or user groups for which password changes should be propagated to the UNIX pods.

The PasswordPropDeny group should contain users or user groups for which password changes should not be propagated to the UNIX pods.

Keywords: kbenv kbinfo KB216639

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.