none
PCNS and SSPR between 2 forests RRS feed

  • Question

  • Hi,

    We have a requirement to have the same users in 2 separate forests, Forest A and Forest B. So users from Forest A are also created in Forest B via FIM.

    FIM Sync, Portal and SSPR is deployed in Forest A.

    Users log unto workstation in Forest B, where they need to be able to change their passwords, using the traditional cntrl-alt-del routine; these passwords need to be replicated to Forest A.

    Additionally users in Forest B must be able to reset their passwords using the FIM add-ins and extensions, as well as via the SSPR Portal which is hosted in Forest A. So effectively, password changes in Forest A must also be replicated to Forest B.

    Since PCNS is unidirectional - is the above actually possible?

    thanks,

    DW


    • Edited by D Wind Wednesday, February 19, 2014 8:23 AM
    Wednesday, February 19, 2014 8:23 AM

Answers

  • Hello,

    yes it is possibe. PCNS copies the Password from Forest B to Forest A. But FIM copies changed Password not to Forest A but to Forest B. So a regular Password Change per CTRL+ALT+Delete made in Forest B is copied via PCNS to Forest A. But in case a user resets a Password using the FIM Portal then the FIM sets the Passsword using the AD Management Agent in Forest B and this Password Set Operation Triggers again PCNS. So in both cases the Password is set in in Forest B and synchronized to Forest A.

    Henry

    • Marked as answer by D Wind Wednesday, February 19, 2014 11:00 PM
    Wednesday, February 19, 2014 10:58 AM

All replies

  • Hello,

    yes it is possibe. PCNS copies the Password from Forest B to Forest A. But FIM copies changed Password not to Forest A but to Forest B. So a regular Password Change per CTRL+ALT+Delete made in Forest B is copied via PCNS to Forest A. But in case a user resets a Password using the FIM Portal then the FIM sets the Passsword using the AD Management Agent in Forest B and this Password Set Operation Triggers again PCNS. So in both cases the Password is set in in Forest B and synchronized to Forest A.

    Henry

    • Marked as answer by D Wind Wednesday, February 19, 2014 11:00 PM
    Wednesday, February 19, 2014 10:58 AM
  • but of course! so clear now, thank you !
    Wednesday, February 19, 2014 11:00 PM