[Fedora-directory-users] password sync with 2 AD domains
David Boreham
david_list at boreham.org
Sun Oct 29 16:05:53 UTC 2006
> Is there any hope that a virtual view would be enough ? I have indeed
> a single ou for all the users in FDS.
Not without code changes, I don't think so. The code uses certain
criteria to determine if a given entry 'belongs' in the target AD.
It can support multiple AD domains (create multiple sync agreements).
However the criteria are : correct object class, and correct subtree.
Therefore your entries would match for both agreements and hence
get sync'ed to both AD domains, which is not what you want.
The 'fix' would be to store the domain name in the entry
(possibly this is already done, I can't remember), and then
add that to the criteria for syncing.
More information about the Fedora-directory-users
mailing list