Not able to sync passwords from eDirectory to Active Directory

  • 7003837
  • 09-Jul-2009
  • 26-Apr-2012

Environment

Novell Identity Manager - Password Synchronization
Novell Identity Manager Driver - Active Directory

Situation

Identity Manager (IDM) is running on one of the Linux servers with eDirectory 8.8.2.
Remote Loader is installed on one of the Windows 2003 servers. This server is a member server of the domain where accounts are synchronized. In this setup, users are synchronized from eDirectory to Microsoft Active Directory (MAD) successfully, but passwords are not synchronized, although they should be.

Resolution

Because the driver shim (within the Remote Loader in this case) is running on one of the domain member servers, be sure to enable the following setting from the Driver properties, as mentioned in the documentation:
  1. Stop the MAD driver.
  2. Edit the Driver Properties.
  3. Driver Configurations.
  4. Driver Settings -> Authentication Options.
  5. Enable the "Digitally sign and seal communication" option.
  6. Restart the driver.

Additional Information

Because the driver shim is running within the Remote Loader on a domain member server, the communications between the Remote Loader and the domain controller are not sent until the connection is secured. See the documentation for proper methods to secure the communications between the driver shim and the domain controller.