19.5. Password Sync Service
The Password Sync service must be installed on the Active Directory server. It synchronizes password changes made on Active Directory with the corresponding entries' passwords on the Directory Server. Like any Windows service, it can be modified, started and stopped, and uninstalled, depending on how synchronization between Directory Server and Active Directory changes.
To reconfigure Password Sync, open the Windows Services panel, highlight Password Sync, and select Modify. This goes back through the configuration screens.
The Password Sync service is configured to start whenever the Active Directory host is started. To reconfigure the service so that it does not start when Windows reboots:
Go to the Control Panel, and select Services.
Scroll through the list of services for the Password Sync service. The Startup field is set to Automatic.
Double-click on Password Sync.
Select the Manual radio button, and then click OK.
To start and stop Password Sync, do the following:
Go to the Control Panel, and select Services.
Scroll through the list of services for Password Sync, and right-click on it.
Select Stop or Start, and hit okay.
Changed passwords are captured even if Password Sync is not running. If Password Sync is restarted, the password changes are sent to Directory Server at the next synchronization.
To uninstall the Password Sync service, do the following:
Open the Add/Remove Programs utility.
Select click remove to uninstall the Password Sync service.
If SSL was configured for the Password Sync, then the cert8.db and key3.db databases that were created were not removed when Password Sync was uninstalled. Delete these files by hand.