Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
Provisioning Self-Service Password Reset for two different Active Directory

Answered Provisioning Self-Service Password Reset for two different Active Directory

  • Wednesday, November 14, 2012 4:52 PM
     
     
    Sign In to Vote
    0

    Hi everyone,

    Has anyone had experience on deploying only one SSPR for multiple Active Directory domain controllers? Is it possible? I'm thinking about Active Directory Federation Services but wonder if FIM (in domain A) would be able to synchronize user profiles (in domain B) to FIM service database.

    Regards,
    -T.s

    Thuan Soldier
    SharePoint Vietnam | Blog | Twitter

     

All Replies

  • Wednesday, November 14, 2012 5:54 PM
     
     
    Sign In to Vote
    0
    One FIM Portal to manage multiple domains/forests should be fine; ADFS for the FIM Portal itself or other FIM services, however, is not supported and probably won't work.
     
  • Thursday, November 15, 2012 12:13 AM
     
     
    Sign In to Vote
    1

    On Thu, 15 Nov 2012 00:00:53 +0000, Gray_Hat wrote:

    Good luck and hope it helps-

    No offense but it would appear that you are hawking your software on these
    forums. Having had a look at your profile it seems that every post you've
    made has been pushing software from sysoptools.

    As per the TOS of these forums advertising is not allowed. If you want to
    push your product then put a link in your signature and stop pushing your
    product in your posts.

    You'll find that this kind of stealth advertising where you don't even
    bother to mention that you have a financial interest in the product you're
    posting about is not very well received in technical forums like these.

    Paul Adare
    MVP - Forefront Identity Manager
    http://www.identit.ca
    Unprecedented performance:  Nothing ever ran this slow before.

     
  • Thursday, November 15, 2012 4:35 AM
     
     Answered
    Sign In to Vote
    0

    FIM supports cross-forest scenario provided there is appropriate trust between the forests.

    ADFS is not supported since it is not claim-aware

     
  • Thursday, November 15, 2012 9:49 AM
     
     
    Sign In to Vote
    0

    @Steve: I'm wondering how FIM services works with other domains it isn't belong to. Do you have any reference covering a little bit about my concern?

    @nTonyHo: which is the trust ?

    Many thanks for your help.

    Thuan Soldier
    SharePoint Vietnam | Blog | Twitter

     
  • Monday, November 26, 2012 2:22 AM
     
     
    Sign In to Vote
    0

    Hi nTony Ho,

    We have two different forests. I'm wondering if my FIM that resides in forest A can provision SSPS to forest B.

    Many thanks for your help.

    Regards,
    -T.s

    Thuan Soldier
    SharePoint Vietnam | Blog | Twitter

     
  • Monday, November 26, 2012 2:40 AM
     
     Answered
    Sign In to Vote
    0
    Re trust -- the user needs to be able to login to the portal. So the forest FIM is in needs to trust the forest the user is in

    The FIM Password Reset Blog http://blogs.technet.com/aho/

     
  • Thursday, December 06, 2012 9:09 AM
     
     
    Sign In to Vote
    0
    Would you prefer to use a third party tool..????