diff --git a/lam/docs/.gitignore b/lam/docs/.gitignore
index d0ab389f..5af3add9 100644
--- a/lam/docs/.gitignore
+++ b/lam/docs/.gitignore
@@ -1,3 +1,5 @@
 /manual
 /manual-pdf
 /manual-onePage
+/manual.tar.gz
+/phpdoc/
diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml
index 32cd1db7..e289880c 100644
--- a/lam/docs/manual-sources/howto.xml
+++ b/lam/docs/manual-sources/howto.xml
@@ -8384,7 +8384,7 @@ OK (10 msec)</programlisting>
               </row>
 
               <row>
-                <entry morerows="2"><inlinemediaobject>
+                <entry morerows="3"><inlinemediaobject>
                     <imageobject>
                       <imagedata fileref="images/schema_unix.png" />
                     </imageobject>
@@ -8408,6 +8408,13 @@ OK (10 msec)</programlisting>
                 synchronization options.</entry>
               </row>
 
+              <row>
+                <entry>Sync Unix password with Windows password</entry>
+
+                <entry>This is a hidden field. It will update the Unix
+                password each time the Windows password is changed.</entry>
+              </row>
+
               <row>
                 <entry morerows="1"><inlinemediaobject>
                     <imageobject>
diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc
index afaa2743..4ac81d64 100644
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@@ -183,7 +183,12 @@ class posixAccount extends baseModule implements passwordService {
 			// self service search attributes
 			$return['selfServiceSearchAttributes'] = array('uid');
 			// self service field settings
-			$return['selfServiceFieldSettings'] = array('password' => _('Password'), 'cn' => _('Common name'), 'loginShell' => _('Login shell'));
+			$return['selfServiceFieldSettings'] = array(
+					'password' => _('Password'),
+					'cn' => _('Common name'),
+					'loginShell' => _('Login shell'),
+					'syncWindowsPassword' => _('Sync Unix password with Windows password')
+			);
 			// possible self service read-only fields
 			$return['selfServiceReadOnlyFields'] = array('cn', 'loginShell');
 			// self service configuration settings
@@ -2844,6 +2849,14 @@ class posixAccount extends baseModule implements passwordService {
 		if ($passwordChangeOnly) {
 			return $return;
 		}
+		// sync from Windows password
+		if (in_array('syncWindowsPassword', $fields) && !empty($_POST['windowsUser_unicodePwd'])) {
+			$password = $_POST['windowsUser_unicodePwd'];
+			$return['mod']['unixUserPassword'][0] = pwd_hash($password, true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+			if (isset($attributes['shadowLastChange'][0])) {
+				$return['mod']['shadowLastChange'][0] = intval(time()/3600/24);
+			}
+		}
 		// cn
 		if (in_array('cn', $fields) && !in_array('cn', $readOnlyFields)) {
 			if (isset($_POST['posixAccount_cn']) && ($_POST['posixAccount_cn'] != '')) {