Windows Password Synchronization Tool

The purpose of the Windows Password Synchronization Tool (previously the Altus Windows Password Filter) is to resolve, and protect against, the situation where the Windows Password stored in the DigitalPersona database becomes out of sync with the user's current password as stored in Active Directory.

When a user initially identifies themselves through the DigitalPersona software, either through self-enrollment within the DigitalPersona Console, or through Attended Enrollment, their Windows password is stored in the DigitalPersona database. When they change their Windows password through the DigitalPersona credential provider (at the logon screen) or through one of the DigitalPersona clients, their new password is stored in the DigitalPersona database and all is well.

If, on the other hand, their Windows password is changed outside of the DigitalPersona software, for instance through a non-DigitalPersona credential provider, the password is not stored in the DigitalPersona database and becomes unsynchronized, resulting in the inability for the user to authenticate within any of the DigitalPersona components.

Solution

The Windows Password Synchronization Tool, residing on the enterprise's domain controllers, intercepts all password change requests within the domain, and ensures that the new passwords are written to the DigitalPersona database.

It is critical that the tool be installed on all domain controllers in the domain.

Location

The Windows Password Synchronization Tool is part of the DigitalPersona Premium 2.1 and above releases. It is located in the DigitalPersona Windows Password Synchronization folder.