psadmin
Applies To: Windows Server 2008
psadmin
NAME
psadmin - Windows command-line utility to manage Password Synchronization
SYNOPSIS
psadmin [computername] [common_option] [add | delete | list]
psadmin [computername] [common_option] config [config_option]
DESCRIPTION
The psadmin Windows command-line utility manages the Password Synchronization component of Identity Management for UNIX, either on a specified computer, or globally. The specific action that psadmin performs depends on the command argument you specify.
In addition to specific command arguments, psadmin accepts the following common options and arguments, represented by common_option in the command synopsis:
| Term | Definition |
|---|---|
-u username |
The account name of the user whose password synchronization behavior you want to modify or view. |
-p password |
The password for the user account whose password synchronization behavior you want to modify or view. |
-? |
Displays usage information for the command. |
The following configuration options are accepted by psadmin:
| Term | Definition |
|---|---|
-comp name |
Computer to which configuration options are applied. If -comp is unspecified, Password Synchronization modifies the default configuration settings. If -comp is the only option specified, then Password Synchronization configuration of the specified computer is displayed. |
-enable direction |
Specifies the direction of password synchronization. The variable direction can contain one of the following values: WintoUnix: Synchronize password changes from computers that run Windows operating systems to computers that run UNIX operating systems. UnixToWin: Synchronize password changes from computers that run UNIX operating systems to computers that run Windows operating systems. BothDir: Enable two-way password synchronization. |
-key keyvalue |
Sets the encryption and decryption key for the computer specified by -comp. If keyvalue is random, Password Synchronization uses a random encryption key. |
-port number |
Sets the port number for the specified computer. |
-retry number |
Specifies the number of retries allowed. Because this option is a global setting, it can be used only when -comp is not used. |
-interval secs |
Specifies the elapsed time period, in seconds, between retries. Because this option is a global setting, it can be used only when -comp is not used. |
-log [yes | no] |
Enables or disables logging. Because this option is a global setting, it can be used only when -comp is not used. |
-? |
Displays psadmin usage and arguments. |
The following command arguments are accepted by psadmin:
| Term | Definition |
|---|---|
add computername |
Adds the specified computer to the list of computers participating in password synchronization. |
delete computername |
Deletes the specified computer from the list of computers participating in password synchronization. |
list |
Displays the list of computers participating in Password Synchronization. |
syncSNIS [yes | no] |
Enable (yes) or disable (no) automatic synchronization of passwords in the Windows to UNIX direction for all NIS accounts that have been migrated to Active Directory Domain Services (AD DS). If you add the syncSNIS parameter to the psadmin command with a "yes" value, you are prompted to perform the Windows Server 2003 Service Pack 1 (SP1) compatibility check. It is strongly recommended that you perform this check as a security best practice. For more information about the compatibility check, see Best Practices for Password Synchronization. |