Configuring sso.conf with FILE_PATH parameter in Password Sync

Applies to: Microsoft Windows Server 2003 R2 Datacenter x64 EditionMicrosoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)Microsoft Windows Server 2003 R2 Enterprise x64 Edition


Consider the following scenario:
  • You are using Password Synchronization to synchronize passwords with a stand-alone UNIX system
  • The UNIX system is a NIS server and the source files for the password/group maps are not stored in /etc directory

In this scenario, modifying the sso.conf file to change the FILE_PATH parameter to the location of the NIS source files breaks the synchronization of passwords and NIS maps do not reflect any changes in the passwords.

This is an expected behavior since the ssod daemon does not synchronize passwords to any other locations apart from the default location of passwd and group files depending on the UNIX operating system. The FILE_PATH parameter change will take effect only when the UNIX kernel also stores the passwd/group information to a different location.

From sso.conf file:

#  FILE_PATH - Full path to the password file, either /etc/shadow or /etc/passwd depending on the value of USE_SHADOW.
#  Note: In some UNIX platforms both passwd and shadow files may be named differently and in different locations. Choose the appropriate path to specify here.

More Information

This behavior was first introduced with the ssod daemon shipped with Microsoft Windows Services for UNIX 3.0 product.

More details on other parameters of sso.conf file can be found here