Synchronize user password across 2 AD forests

    Question

  • Hi,

    Please help on the below requirement.

    Forest A (Domain - 1), Forest B (Domain - 2) Both forest functional level 2012 R2 having 

    Primary users in A1 (applications and computer domain) and have the same user accounts created in B2 (O365 email is hosted) in an OU. Need to synchronize the password from A1 to B2 so that the users have to remember only 1 password for computer login and O365 emails.

    I have gone through the below article which gives a good insight but it does not specify whether the users are already created in the trusting domain (Fim.lab.local)

    https://social.technet.microsoft.com/wiki/contents/articles/19821.how-to-password-synchronization-with-pcns-using-a-one-way-externalforest-trust-with-selective-authentication.aspx

    Regards,

    Shoeb

    Sunday, July 8, 2018 12:50

All replies

  • Hi,

    It does not matter if the users are already created in both domains; typically they are, but you can also provision the accounts with your solution and sync the PW then.

    Keep in mind that the PW will only sync when the user changes the PW and PCNS captures the cleartext PW, which will then be transported securely to the destination domain.

    You cannot synchronize an already set PW from the source domain to the dest domain.

    /Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    Monday, July 9, 2018 08:10
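
Because PCNS only captures a password at the moment it is changed, it helps to know which source-domain accounts still carry a password set before PCNS was deployed. The following is an added example, not part of the original thread: the deployment date, OU distinguished name, domain controller name and output path are placeholder assumptions to replace with your own values.

```powershell
# Added example: report A1 accounts whose password predates PCNS deployment.
# All values in this first block are placeholders (assumptions, not from the thread).
Import-Module ActiveDirectory

$PcnsDeployed = Get-Date '2018-07-01'           # assumed date PCNS became active on every A1 DC
$SearchBase   = 'OU=Staff,DC=a1,DC=example'     # placeholder OU in the source domain
$Server       = 'dc01.a1.example'               # placeholder source-domain DC
$OutFile      = '.\pcns-pending-users.csv'      # placeholder report path

$users = Get-ADUser -Server $Server -SearchBase $SearchBase `
    -Filter 'Enabled -eq $true' `
    -Properties PasswordLastSet, PasswordNeverExpires

$report = foreach ($u in $users) {
    # PasswordLastSet is $null when pwdLastSet = 0 (user must change at next logon).
    $state = if ($null -eq $u.PasswordLastSet) {
        'ChangeForcedAtNextLogon'
    } elseif ($u.PasswordLastSet -lt $PcnsDeployed) {
        'PredatesPcns'          # PCNS never saw this password; B2 copy cannot match yet
    } else {
        'ChangedSincePcns'      # a change happened after deployment; sync was possible
    }
    [pscustomobject]@{
        SamAccountName       = $u.SamAccountName
        PasswordLastSet      = $u.PasswordLastSet
        PasswordNeverExpires = $u.PasswordNeverExpires
        State                = $state
    }
}

# Summary per state, then the accounts that still need a password change.
$report | Group-Object State | Select-Object Name, Count
$report | Where-Object State -eq 'PredatesPcns' |
    Sort-Object PasswordLastSet |
    Export-Csv -Path $OutFile -NoTypeInformation
```

`ChangedSincePcns` only shows that a change occurred after the assumed deployment date; it does not confirm that the password reached B2. Accounts with `PasswordNeverExpires` set will stay in `PredatesPcns` until someone changes the password deliberately.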