Chapter 5. Advanced Setup and Configuration
68
9. Open a command prompt on the Windows machine, and open the
Password Sync
installation
directory.
cd "C:\Program Files\Red Hat Directory Password Synchronization"
10. Create new
cert8.db
and
key.db
databases on the Windows machine.
certutil.exe -d . -N
11. Import the server certificate from the Directory Server into the new certificate database.
certutil.exe -d . -A -n "DS CA cert" -t CT,, -a -i
\path\to\
dsca.crt
12. Verify that the CA certificate was correctly imported.
certutil.exe -d . -L -n "DS CA cert"
13. Reboot the Windows machine. The Password Sync service is not available until after a system
reboot.
NOTE
If any Active Directory user accounts exist when Password Sync is first installed, then
the passwords for those user accounts cannot be synchronized until they are changed
because Password Sync cannot decrypt a password once it has been hashed in Active
Directory.
Directory
Library
Directory
Library
C:\WINDOWS
\system32
passhook.dll
C:\WINDOWS
\system32
libnspr4.dll
C:\WINDOWS
\system32
nss3.dll
C:\WINDOWS
\system32
sqlite3.dll
C:\WINDOWS
\system32
softokn3.dll
C:\WINDOWS
\system32
nssdbm3.dll
C:\WINDOWS
\system32
nssutil3.dll
C:\WINDOWS
\system32
smime3.dll
C:\WINDOWS
\system32
freebl3.dll
C:\Program Files\Red
Hat Directory Password
Synchronization
nsldap32v60.dll
C:\Program Files\Red
Hat Directory Password
Synchronization
certutil.exe
C:\Program Files\Red
Hat Directory Password
Synchronization
nsldappr32v60.dll
C:\Program Files\Red
Hat Directory Password
Synchronization
nsldapssl32v60.dll
C:\WINDOWS
\system32
ssl3.dll
C:\WINDOWS
\system32
libplc4.dll