• State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 20 subscribers
  • Views 22808 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best solution to synchronise password on two ways sync (and all others attributs only source => target)

cyril.rousselet
over 6 years ago

Hi,

At this time we have defaut synchronisation SOURCE => TARGET. But when users must change password on TARGET, the users have 2 passwords...

We think to synchronize on two ways sync (SOURCE <=> TARGET) but we won't the SOURCE will be damaging. (groups members deleted on source ?...)

Maybe we can synchronize only password (SOURCE <=> TARGET) and all others defauts attributs (SOURCE => TARGET), but how ? (Using "attributes to skip" options ?...)

 

Thanks for your help and advices :)

Parents
  • 0 over 6 years ago

    Hi Cyril,

    What is the reason for wanting to sync pwd from target > source. Are you migrating people from Source > Target keeping their accounts active in the source? If so is their any reason for keeping them active in the source? If you are migrating users with SidHistory you can disable the source accounts after the migration, then the Target accounts will be able to access the source resources. This way the password from the source will never get synced from Source > Target after the migration. On another note the DSA will only sync the password from source to target if the password is newer then in the Target, or during a full dirsync (I might be mistaken on the last statement "or during a full dirsync")

Reply
  • 0 over 6 years ago

    Hi Cyril,

    What is the reason for wanting to sync pwd from target > source. Are you migrating people from Source > Target keeping their accounts active in the source? If so is their any reason for keeping them active in the source? If you are migrating users with SidHistory you can disable the source accounts after the migration, then the Target accounts will be able to access the source resources. This way the password from the source will never get synced from Source > Target after the migration. On another note the DSA will only sync the password from source to target if the password is newer then in the Target, or during a full dirsync (I might be mistaken on the last statement "or during a full dirsync")

Children
No Data