Hi,
We have pwsync working with IdM 7.0 and AD on Windows Server 2003 SP1.
However there are ~40 Domain Controllers on which we wil have to deploy this thing.
Is there an easy way to script the install/configuration of passwordsync ? I can see a reference to registry keys used by pwsync in Chapter 9 of the Administration guidecumentation, so maybe a script that poked values into the registry ?
cheers,
Rob.
I would not do that.
You will also have to register the DLL's properly and hook it into the system to turn on the capture functionality. This will need a number of registry settings spread out in a number of places.
The whole install comes as a MSI file so just run the file, during the install it also checks if the dll's from the OS it depends on are there with the minimum versions.
For the configuration: you will get a GUI to set the values.
NOTE: due to the way Microsoft lets us hook into the system a reboot IS needed, this makes it a manual process anyway.
WilfredS
Hi Wilfred,
I am having problem configuring passwordSync.
I have set up AD and passwordSync on a remote system and have IDM which is installed on my system communicate with it.
In the Chapter PasswordSync of Administration guide, I am not sure on how and what values to feed in the JMS Settings, JMS Properties, Email and Trace tabs in passwordSync configuration.
I will be very glad if you can brief me on why and how these values are to be given.
Thanks in advance,
Zebra7
Hi WilfredS,
Thanks for the input.
I see your point on the install side. If you take the default 'Typical Install' then that's a 4 click operation.--so not toooo bad. Though even there it would be better if there was a scripted way to say "install in Typical Install mode".
I was more concerned about the config phase which has 4 screens of info. So, even if it only takes 5 minutes to fill in that's a good 3.5 hours work on 40
domain controllers.
The doc gives the impression that one can edit the registry settings to configure Password Syns:
"You can use the Windows Registry Editor to edit the registry keys listed in
Table 9-2 . These keys are located in:
HKEY_LOCAL_MACHINE\SOFTWARE\Waveset\Lighthouse\PasswordSync
Other keys are present in this location, but they can be edited with the
configuration tool."
So still wondering if it would be worth using a script to poke the config values into the registry...
cheers,
Rob.
Hello Rob,
I have used the following process successfully:
1. Install and correctly configure PWsync on one server.
2. Extract the registry settings from HKEY_LOCAL_MACHINE\SOFTWARE\Waveset\Lighthouse\PasswordSync
3. Install PWsync on the remaining Domain Controllers just using the default configuration options.
4. Add the registry settings from step 2 to the remaining Domain Controllers.
Hope this helps.
Bert.
