Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Password synch between ADAM instance
Password synch between ADAM instance [message #160410] Thu, 27 August 2009 03:52 Go to next message
Frederic Palussiere  is currently offline Frederic Palussiere  France
Messages: 1
Registered: August 2009
Junior Member
Hello,

We try to synchronize password between two different ADAM instance.

In this case we have a multipurpose ADAM instance on backoffice we use
to manage accounts of external partners which are partially replicated
via MIIS to an ADAM instance installed in a DMZ via MIIS.

We would like to synchronize the accounts' password to the external ADAM
like we could do from AD to ADAM but does PCNSSVC could be used to
propagate these between two ADAM and not from an AD ?

Should we develop our own password filter for that ? In this case, how
password change will be handled ?

Thank you for your answers.

Best regards,

Frederic
Re: Password synch between ADAM instance [message #160419 is a reply to message #160410] Thu, 27 August 2009 08:47 Go to previous message
Joe Kaplan  is currently offline Joe Kaplan  United States
Messages: 88
Registered: July 2009
Member
I have not seen much (if any) documentation as to how you might be able to
use PCNS with ADAM or even how to implement a password hook mechanism with
it.

I am under the impression that ADAM supports the same password hook APIs
that AD does and that you could write your own password hook DLL for it that
would work, but I'm unsure of the details.

Another thing you might consider is just implementing this at the
application layer somehow. The nice thing with accounts in ADAM is that
they have their passwords changed via LDAP and that typically involves some
LDAP code to do the work, so you may be able to hook that code and propogate
password changes out via your own mechanism. The advantage of the
server-level hook is that it captures all possible input vectors for
password changes, but you might be able to get close enough for your needs
with a less complex solution.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"Frederic Palussiere" <replace.withGivenDotSurname@atosorigin.com> wrote in
message news:u3j7dwvJKHA.4136@TK2MSFTNGP04.phx.gbl...
> Hello,
>
> We try to synchronize password between two different ADAM instance.
>
> In this case we have a multipurpose ADAM instance on backoffice we use to
> manage accounts of external partners which are partially replicated via
> MIIS to an ADAM instance installed in a DMZ via MIIS.
>
> We would like to synchronize the accounts' password to the external ADAM
> like we could do from AD to ADAM but does PCNSSVC could be used to
> propagate these between two ADAM and not from an AD ?
>
> Should we develop our own password filter for that ? In this case, how
> password change will be handled ?
>
> Thank you for your answers.
>
> Best regards,
>
> Frederic
Previous Topic:AD Sub-Domain
Next Topic:Password aging
Goto Forum:
  


Current Time: Tue Jan 16 10:41:11 MST 2018

Total time taken to generate the page: 0.02225 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software