Monday, June 05, 2006 8:41 AM
We have a problem with a limitaion with pcns. We have two domains in two forests. We want to syncronize password without setting up a two way trust. Is there a way to do this today or is there some software updates in near future that would help? I heard that the Oxford Computer Group maybe have made a product to help with this problem.
Tuesday, June 06, 2006 9:27 PM
You can synchronize passwords one-way between the forests without trust, as long as MIIS and PCNS live in the same forest together.
For example, you want to synchronize accounts in Forest A to Forest B. You would install PCNS and MIIS in Forest A together, and configure them to synchronize both the accounts and passwords to Forest B. The credentials provided in the MIIS Management Agent for Forest B take care of authentication without the trust requirement.
MIIS has no support for bi-directional synchronization of passwords.
Tuesday, June 06, 2006 10:30 PM
Oxford has done work to overcome the trust issue but we currently do not sell it as a product, only as a services engagement.
Tuesday, June 06, 2006 10:35 PMOk, thank you for your answers. I hope MS in later versions would implement sync both way with no trust.