Answered: Question on AD synchronization with AD LDS

  • Thursday, March 29, 2012 8:09
     
     

    Hi All,

    I would like to know if following setup is possible.

    The environment is like this, mostly Windows 2003 SP2 DCs:

    corp.net

    us.corp.net

    africa.corp.net

    eu.corp.net

    Like this there are several domains. Now this is what I have done so far:

    1. Set up an AD LDS instance in one of the child domains, for example us.corp.net, and synchronize OU=USA from us.corp.net into CN=USA,CN=ADLDSInstance,DC=us,dc=corp,dc=net.

    Now I know the above is possible and can be achieved; however, I want to know whether the following is possible or not:

    Synchronize an OU from africa.corp.net to CN=ADLDSInstance,DC=us,dc=corp,dc=net, and similarly other OUs from other child domains.

    Then replicate (or create a replica of) CN=ADLDSInstance,DC=US,dc=corp,dc=net to CN=ADLDSFRT,DC=corp,dc=net

    Is the above setup possible? If yes, then what kind of permission would I need on the other domains? I tried, however I got an error of invalid DN syntax. At this point I am not sure if synchronization across domains is possible or not.

    Regards,

    Navdeep [v-2nas]

All replies

  • Friday, March 30, 2012 2:32
     
     

    Can any AD expert provide their valuable inputs on this?

    Regards,

    Navdeep


    Regards, Navdeep [a.k.a v-2nas]

  • Saturday, March 31, 2012 7:50

     Answered

    Hi,

    There are really few ADAM/AD LDS resources on TechNet. For ADAM Sync, I think it is available if you want to import DNs across domains. You need to edit the XML as follows:

    <description> = This may contain ADAM Instance & Application specific information that describe what this configuration file is used for
    <source-ad-name> = This is the computer name of the Domain Controller server you are synchronizing from
    <source-ad-partition> = This allows you to specify which partition of the Active Directory you are synchronizing from
    <target-dn> = This is the root ADAM directory partition you are synchronizing to
    <base-dn> = This is the root Active Directory domain partition you are synchronizing from

    You could check the following blog:
    http://blogs.msdn.com/b/jeff/archive/2007/04/01/synchronize-active-directory-to-adam-with-adamsync-step-by-step.aspx

    Thanks, Brian


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
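A sanity check for the five elements listed in the answer above, as an added example that is not part of the thread or of the linked blog post. It flags malformed DNs and a `<base-dn>` that lies outside `<source-ad-partition>` before the file is handed to ADAMSync. The wrapper elements (`<doc>`, `<configuration>`, `<query>`), the host name, the OU name and the function names are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

DN_FIELDS = ("source-ad-partition", "target-dn", "base-dn")

def parse_dn(dn):
    """Split a DN into lower-cased (attribute, value) pairs.
    Simplified check (unescaped commas only), not a full RFC 4514 parser."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {part.strip()!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def check_config(xml_text):
    """Return a list of problems found in the elements listed above."""
    root = ET.fromstring(xml_text)
    problems, dns = [], {}
    for tag in ("source-ad-name",) + DN_FIELDS:
        node = next(root.iter(tag), None)
        text = (node.text or "").strip() if node is not None else ""
        if not text:
            problems.append(f"<{tag}> is missing or empty")
        elif tag in DN_FIELDS:
            try:
                dns[tag] = parse_dn(text)
            except ValueError as exc:
                problems.append(f"<{tag}>: {exc}")
    # The search base must sit under the partition being read from.
    base, part = dns.get("base-dn"), dns.get("source-ad-partition")
    if base and part and base[-len(part):] != part:
        problems.append("<base-dn> is not inside <source-ad-partition>")
    return problems

# Constructed sample: host name and OU name are placeholders, not from the thread.
TEMPLATE = """<doc><configuration>
  <description>Sync one OU from africa.corp.net into the AD LDS instance</description>
  <source-ad-name>dc01.africa.corp.net</source-ad-name>
  <source-ad-partition>DC=africa,DC=corp,DC=net</source-ad-partition>
  <target-dn>{target}</target-dn>
  <query><base-dn>{base}</base-dn></query>
</configuration></doc>"""
GOOD = TEMPLATE.format(target="CN=ADLDSInstance,DC=us,DC=corp,DC=net",
                       base="OU=Africa,DC=africa,DC=corp,DC=net")
BAD = TEMPLATE.format(target="CN=ADLDSInstance,us.corp.net",
                      base="OU=USA,DC=us,DC=corp,DC=net")

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_config(cfg) or "no problems found")
```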

  • Thursday, April 05, 2012 10:59
     
     

    Hi Brian,

    Thanks for replying. I was too engrossed in troubleshooting the issue. Actually the scenario which I have described is possible, but I got issues making it work. One issue, or maybe it is by design, which I noticed: when you create a replica for an AD LDS instance, and the AD LDS instance that you are replicating from is in a child domain and you are replicating it to the root domain, you won't see the option to look up the server in the child domain. You need to specify the NetBIOS name and perform Check Names, and it will resolve.

    By design it appears that it doesn't support name resolution in the child domain; however, replication to the root domain from a child domain is possible.

    Regards,

    Navdeep

    www.ExchangeADTech.com


    Regards, Navdeep [a.k.a v-2nas]