HP-UX Directory Server 8.1 Administrator (766147-001, March 2014)

/opt/dirsrv/slapd-instance_name/stop-slapd

2. Add a new entry, such as cn=sync user,cn=config, with a password at the end of

/etc/opt/dirsrv/slapd-instance_name/dse.ldif. For example:

dn: cn=sync user,cn=config

objectClass: inetorgperson

objectClass: person

objectClass: top

cn: sync user

sn: SU

userPassword: secret

passwordExpirationTime: 20380119031407Z

3. Restart the Directory Server.

/opt/dirsrv/slapd-instance_name/restart-slapd

Step 4: Install the Password Sync service

Password Sync can be installed on every domain controller in the Active Directory domain in order

to synchronize Windows passwords.

Passwords can only be synchronized if both the Directory Server and Windows server are running

in SSL, the sync agreement is configured over an SSL connection, and certificate databases are

configured for Password Sync to access.

1. Copy the PassSync.msi file from /opt/dirsrv/share/passsync on the Directory

Server to the Active Directory machine.

2. Double-click on the PassSync.msi file to install it.

3. The Password Sync Setup window appears. Click Next to begin installing.

4. Fill in the Directory Server host name, secure port number, user name (such as cn=sync

manager,cn=config), the certificate token (password), and the search base (e.g.,

ou=People,dc=example,dc=com).

398 Synchronizing Directory Server with Microsoft Active Directory