1

Basically the idea is to copy and update 1 OU in the master Domain into slave Domain. The OU will have users and groups in it. If a new user is created in the master domain they will be created in the slave domain. If the user changes there password in the master domain it will update in the slave domain. Note: users don't change their password in the slave domain.

I have currently setup an import MA for the master domain and an export for the slave domain in my dev environment. If I configure the attribute flow I can get update attributes in the slave domain from the master.

I am open to suggestions for other software that will achieve this goal.

Izzy
  • 8,214
  • 2
  • 30
  • 35

1 Answers1

0

Can't speak for Forefront Identity Manager (although we do have it at my org), but I can vouch for Quest Active Directory Migration Manager. Trial download is available for you to try before you buy.

We migrated 000's of users from one domain/forest to another domain/forest, and we used this tool to keep the accounts synchronised between domains. It also kept their passwords synchronised on an ongoing basis (until we completed the merger and no longer needed the synchronisation)

Izzy
  • 8,214
  • 2
  • 30
  • 35
  • Unfortunately that software will be to costly to justify. To clarify the scale is multiple slave domains with < 20 users each. With less then 100 users total in the master domain. –  Sep 22 '10 at 05:13