I am using IDM 4.0.1a, the IDM server in installed in SuSe11 while the
remote loaders installed in 2 ADs.

AD named common AD , it is for authorized department to creates user
and groups there.
Another AD named application AD, it is for our users to access the
applications in AD. The users and groups are sync from eDir.
eDir, the users and groups are sync from common AD.

I used dsadd
dsadd group
"cn=fo_all,ou=staff,ou=abcusers,dc=comaddev,dc=abc ,dc=edu,dc=hk" -secgrp
yes -scope u -desc staff -samid fo_all

to create a univerial security group in common AD, the group can
publish to eDir, then suscribe to application AD

However, the universal security group changed to Global Security group
when it sync to the application AD,

Would anyone can help

1. how to maintain the group type
2. if we want the group created in eDir is a dynamic group, how to
acheive it?

thanks & Regards,


ayeungied's Profile: http://forums.novell.com/member.php?userid=128701
View this thread: http://forums.novell.com/showthread.php?t=457975