I have a new AD driver synchronizing only passwords from Identity Vault
to AD.(IDV is authoritative). I am planning to turn this driver ON in
production.

1. How can I synchronize the current password of all users on IDV to
the new AD without forcing the user to change the password from IDV?
(which event will trigger the password sync other than password
change?)
2. When a new user is created on AD, how to synchronize the IDV
password(the new user will always exist on IDV but may or may not exist
on AD).?

I am thinking of using the lastLoginTime (as notify on both channels)
and if it is changing, synchronize the password from IDV to AD. Is
this a good idea? Does anyone suggest a better idea to do this?

Thanks much!


--
arbask
------------------------------------------------------------------------
arbask's Profile: http://forums.novell.com/member.php?userid=17567
View this thread: http://forums.novell.com/showthread.php?t=420505