No announcement yet.

Question on AD syncronization with AD LDS

  • Filter
  • Time
  • Show
Clear All
new posts

  • Question on AD syncronization with AD LDS

    Hi All,
    I would like to know if following setup is possible.
    The environment is like this, mostly windows 2003 sp 2 dc
    Like this there are several domains, now this what i have done so far
    1. Setup AD LDS instance in one of the child domain for example, synchronize OU=USA from into CN=USA,CN=ADLDSInstance,DC=us,dc=corp,dc=net.
    Now i know above is possible and can be achieve however i want to know whether following is possible or not
    synchronize OU from to CN=ADLDSInstance,DC=us,dc=corp,dc=net, similarly other OU from other child domains.
    Then replicate (or create replica) CN=ADLDSInstance,DC=US,dc=corp,dc=net to CN=ADLDSFRT,DC=corp,dc=net
    Is above setup possible? if yes then what kind of permission i would need on other domains? I tried however i got error of invalid dn syntax. At this point i am not sure if synchronization across domain is possible or not.

    I wanted to know if changes from AD to AD LDS instance synchronize on its own ones AD LDS is setup and initial sync is completed or do i need to run the sync manually everytime there is a change in AD.

    Navdeep [v-2nas]
    Thanks & Regards

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect

    Show your appreciation for my help by giving reputation points

  • #2
    Re: Question on AD syncronization with AD LDS

    Humm very interesting
    I think it is possible but lot work required
    I've not tried this before but if I need to do it, I will first check account I will use to sycn between ADLDS and AD in other domain has permissions in both domain. To be on safe side, i m assuming its test enviro and i'll use account with domain and Enterprise admin rights yeah i dont want to squandering my brain & time in figuring security permissions in first place. I'll b leaving it for later.
    ok, if first strategy flunk, i will first replicate first domain with lds installed on same domain. Then i will try to sync lds from first domain to another lds on another domain. Means i'll try to sycn lds between two different domains.
    sound very interesting project, keep me posted.