none
Synchronize user password across 2 AD forests

    질문

  • Hi,

    Please help on the below requirement.

    Forest A (Domain - 1), Forest B (Domain - 2) Both forest functional level 2012 R2 having 

    Primary users in A1 (applications and computer domain) and have the same user accounts created in B2 (O365 emails is hosted) in an OU. Need to synchronize the password from A1 to B2 so that the users have to remember only 1 password for computer login and O365 emails.

    I have gone through the below article which gives a good insight but it does not specify whether the users are already created in the trusting domain (Fim.lab.local)

    https://social.technet.microsoft.com/wiki/contents/articles/19821.how-to-password-synchronization-with-pcns-using-a-one-way-externalforest-trust-with-selective-authentication.aspx

    Regards,

    Shoeb

    2018년 7월 8일 일요일 오후 12:50

모든 응답

  • Hi,

    it does not matter if the users are already created in both domain, typically there are, but you can also provision the accounts with your solution an sync the PW than.

    Keep in mind that the PW will only sync when the user changes the PW and PCNS captures the cleartext PW that will than transported securely to the destination domain.

    You cannot synchronized already set PW from source domain to dest domain.

    /Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    • 답변으로 제안됨 Peter_StapfMVP 2018년 7월 15일 일요일 오전 9:13
    2018년 7월 9일 월요일 오전 8:10