This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DirSync merging with contacts is not copying all group memberships

Hello, 

Having an issue where we're not getting all group memberships merged to a target account, if those groups are in a different domain within the same target forest. 

 

  • Target domain is a member of a multi-domain forest
  • Forefront Identity Manager (FIM) has created contact objects in target domain, corresponding to users in source domain
  • Contact objects may be members of Distribution Lists (DLs) in a number of domains in the target forest, not necessarily only ones in the target domain
  • Using Directory Sync to merge target user (created via migration session) with target contact
  • DLs that are in the target domain are merged just fine and show up on the target user, but DLs that reside in other domains of the target forest are lost

Any ideas of how to get around this?  Is there a way to set DirSync up for multiple target domains, or perhaps the entire target forest, so it will be aware of these other groups?

Thanks!

Justin

 
Parents
  • Hi Chris,

    Thanks for the reply, I appreciate it. Yes, this behavior came up during our testing with the PSC, but we did not get it resolved during the engagement.

    Would setting up another DSA pair between the source domain and a different child domain in the target allow groups in that different child target domain to be synchronized to the migrated user? Basically, having a synchronication set up for each target domain that might contain groups that these contact objects are in?

    Thanks,

    Justin
Reply
  • Hi Chris,

    Thanks for the reply, I appreciate it. Yes, this behavior came up during our testing with the PSC, but we did not get it resolved during the engagement.

    Would setting up another DSA pair between the source domain and a different child domain in the target allow groups in that different child target domain to be synchronized to the migrated user? Basically, having a synchronication set up for each target domain that might contain groups that these contact objects are in?

    Thanks,

    Justin
Children
No Data