none
MIM with AD root child forest RRS feed

  • Question

  • Is there a way to get MIM working with an AD root child forest. The AD MA is pointing at the 'root' which only ever returns a specific AD server, which can only see a very limited area of the tree. So MIM cannot see 98% of the tree. Is there a solution to a root child forest?

    thanks,

    Alistair

    Tuesday, January 28, 2020 2:26 PM

Answers

  • On the Configure Directory Partitions on AD MA configuration you can select directory partitions you want to synchronize (all domains from the forest should be there). Please note that during synchronization MIM will connect to AD server from each selected domain (so you need network communication to be open between MIM and these domain controllers).

    Borys Majewski, Identity Management Solutions Architect (Blog: IDArchitect.NET)

    • Marked as answer by AlistairY Wednesday, January 29, 2020 9:58 AM
    Tuesday, January 28, 2020 8:24 PM

All replies

  • On the Configure Directory Partitions on AD MA configuration you can select directory partitions you want to synchronize (all domains from the forest should be there). Please note that during synchronization MIM will connect to AD server from each selected domain (so you need network communication to be open between MIM and these domain controllers).

    Borys Majewski, Identity Management Solutions Architect (Blog: IDArchitect.NET)

    • Marked as answer by AlistairY Wednesday, January 29, 2020 9:58 AM
    Tuesday, January 28, 2020 8:24 PM
  • thanks for that. They removed the other partitions to get round the issue.
    Wednesday, January 29, 2020 9:59 AM