Event ID 8226 — UNIX to Windows Password Synchronization -- Configuration Issues

Applies To: Windows Server 2008 R2

UNIX to Windows Password Synchronization -- Configuration Issues indicates the completeness or usability of settings that are configured for UNIX to Windows password synchronization.

When Password Synchronization is properly configured for UNIX to Windows synchronization, and the synchronization service is available, passwords that are changed on UNIX hosts are synchronized on Windows-based computers and domains. The Password Synchronization pluggable authentication module (PAM) makes this possible by intercepting the password change request on the UNIX host, encrypting the password (provided that encryption keys across the Windows and UNIX environments match), and then sending the password change request to the Password Synchronization service running on the Windows-based computers with which it is configured to be synchronized.

Event Details

Product: Windows Identity Management for UNIX
ID: 8226
Source: Microsoft-Windows-IDMU-PSync
Version: 6.0
Symbolic Name: MSG_ERROR_UNTRUSTED_HOST
Message: Password change request from untrusted host rejected. %rhost = %1

Resolve

Check if the password synchronization request originated from an untrusted UNIX-based host

The password change request from a UNIX-based host computer has been rejected because the computer is an untrusted host. This typically occurs when Password Synchronization receives a synchronization request from a UNIX-based host that has not been added to the list of trusted UNIX hosts in the Identity Management for UNIX management console. For more information about adding UNIX-based hosts to your Password Synchronization configuration, see "Adding or removing computers for synchronization" in the Password Synchronization Help.
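Before adding a host, it helps to see which hosts were actually rejected and how often. The following PowerShell is an added example, not part of the original article or of Identity Management for UNIX. It groups 8226 events by the %rhost value and marks each host as expected or unknown. The host inventory, the sample events, and the mapping of %1 to the first event property are assumptions.

```powershell
# Added example. Assumption: the %1 insertion string (%rhost) is the first event property.
$Provider = 'Microsoft-Windows-IDMU-PSync'   # Source from the event details above
$EventId  = 8226

# Hypothetical inventory of UNIX hosts that are meant to synchronize passwords.
$ExpectedHosts = @('unix01.example.test', '192.0.2.10')

function Get-RejectedPsyncHost {
    param([object[]] $Events, [string[]] $Expected = @())
    $Events | Group-Object { [string]$_.Properties[0].Value } | ForEach-Object {
        $g      = $_
        $sorted = @($g.Group | Sort-Object TimeCreated)
        # A known host is probably just missing from UNIX Computers; an unknown
        # one should be identified before it is trusted.
        $action = 'Identify source first'
        if ($Expected -contains $g.Name) { $action = 'Add to UNIX Computers' }
        New-Object PSObject -Property @{
            RHost     = $g.Name
            Count     = $g.Count
            FirstSeen = $sorted[0].TimeCreated
            LastSeen  = $sorted[-1].TimeCreated
            Action    = $action
        }
    } | Sort-Object Count -Descending
}

# Constructed sample events (not real log data) so the function runs offline.
function New-SampleEvent([string] $Time, [string] $RHost) {
    New-Object PSObject -Property @{
        TimeCreated = [datetime] $Time
        Properties  = @(New-Object PSObject -Property @{ Value = $RHost })
    }
}
$events = @(
    New-SampleEvent '2012-03-01T09:00:00' '192.0.2.10'
    New-SampleEvent '2012-03-01T09:05:00' '192.0.2.10'
    New-SampleEvent '2012-03-01T11:30:00' '198.51.100.7'
)

# On the Password Synchronization server, read the real events instead:
# $events = Get-WinEvent -FilterHashtable @{ ProviderName = $Provider; Id = $EventId }

Get-RejectedPsyncHost -Events $events -Expected $ExpectedHosts |
    Format-Table RHost, Count, FirstSeen, LastSeen, Action -AutoSize
```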

To add a computer for synchronization:

  1. Open the Identity Management for UNIX snap-in by clicking Start, pointing to All Programs, and then clicking Identity Management for UNIX.
  2. If necessary, connect to the computer you want to manage.
  3. In the hierarchy pane, under the Password Synchronization node, click UNIX Computers, and then do one of the following:
    • Right-click UNIX Computers, and then click Add Computer.
    • Click Add Computer in the Actions pane.
    • On the Action menu, click Add Computer.
  4. In the Computer name box of the Add Computer dialog box, provide the name or IP address of a UNIX-based computer.
  5. In the Direction of password synchronization area, select the direction of password synchronization for this computer.
  6. If necessary, specify a different encryption key than the default key, or click Generate key to have Password Synchronization generate a new key for synchronization with this computer.
  7. If necessary, change the port number this computer monitors for password changes. The default is 6677. Click OK.

Verify

Retry UNIX to Windows password synchronization for any failed user password change attempts to verify that it is operating normally. Password Synchronization is operating normally when the password synchronization succeeds, and operating under warning conditions if synchronization fails for some passwords but succeeds for others.
