none
Can Password Change Notification Service sync password changes from one domain to another without FIM? RRS feed

  • Question

  • Is it possible to use Password Change Notification Service to sync user passwords from one domain directly to another domain without the use of MIIS/FIM?

    I'm following this installation guide.  When looking at the Service Principal Name configuration, it leads me to believe FIM/MIIS is required.  Can this be pointed to a DC in the other directory instead?

    Setspn.exe -a <user defined named for target MIIS 2003 server>/<fully qualified domain name of the server running MIIS 2003>\<domain\user name of the MIIS 2003 service account>

    Tuesday, January 14, 2014 8:11 PM

All replies

  • No. The PCNS service communicates with FIM Sync to broker the password to the other domain.

    Thanks, Brian

    Tuesday, January 14, 2014 8:29 PM
    Moderator
  • Thanks Brian, can it do this for ID's not originally created by or currently managed by FIM?
    Friday, January 17, 2014 5:18 PM
  • On Fri, 17 Jan 2014 17:18:47 +0000, Dana Denlinger wrote:

    Thanks Brian, can it do this for ID's not originally created by or currently managed by FIM?

    Not originally created by - yes.
    Not currently managed by - no.


    Paul Adare - FIM CM MVP
    About the use of language: it is impossible to sharpen a pencil with a
    blunt
    ax. It is equally vain to try to do it with ten blunt axes instead.
    -- Dijkstra

    Friday, January 17, 2014 5:30 PM