I have IDM 3.6.1 setup to sync between eDirectory and AD for a few AD
only implementations.

While the sync works well, I have been bitten a few times when certain
changes in AD propagate back to eDir.

What is the proper method for making sure that only subscriber data is
synced? I want to make sure that nothing from AD syncs back to eDir.


