Environment
Novell Identity Manager - Password Synchronization
Novell Identity Manager Driver - Active Directory
Situation
Identity Manager (IDM) is running on one of the Linux servers with eDirectory 8.8.2.
Remote Loader is installed on one of the Windows 2003 servers. This server is a member server of the domain where accounts are synchronized. In this setup, the user is synchronized from eDirectory to Microsoft Active Directory (MAD) successfully, but passwords are not synchronized, although they should be.
Resolution
Because the driver shim (within the Remote Loader in this case) is running on one of the domain member servers, be sure to enable the following setting from the Driver properties, as mentioned in the documentation:
- Stop the MAD driver.
- Edit the Driver Properties.
- Driver Configurations.
- Driver Settings -> Authentication Options.
- Enable the "Digitally sign and seal communication" option.
- Restart the driver.
Additional Information
Because the driver shim is running within the Remote Loader on a domain member server, communications between the Remote Loader and the domain controller are not sent until the connection is secured. See the documentation for the proper methods of securing communications between the driver shim and the domain controller.