Sorry for Newbie question to IDM3 (not new to Novell though).

I have our lab setup with:
ServerA with PROD tree with all our users (NW 6.5 SP5)
ServerB with IDVAULT tree with IDM3 Engine (NW 6.5 SP5)
ServerC with Win2003 running AD with RemoteLoader of AD driver.

I've gone through the iManager steps of setting up the AD driver and noticed
that the Subscriber channel doesn't have an Event Transformation policy.
Question 1: Is this normal?

Presently, new users entered in AD on ServerC are replicated to IDVAULT but
no IDVAULT users get created in AD.
Question 2: Suggestions? I know that communications from IDVAULT to AD is
good becuase if I modify the newly created objects received in IDVAULT the
changes are returned to AD. Is it because I don't have the Event
Transformation policy on Subscriber Channel?

Question 3: If it is the missing Event Tranformation policy, I did create
one using the predefined "Event Transformation - Scope Filtering - Include
Subtree(s)" rule and still not success.

The first goal is to have user accounts and passwords synchronized between
PROD on ServerA and AD on ServerC, through IDVAULT on ServerB.

Question 4: Does anyone have anything to add to help me along?

My goal is to get it working in the lab, then bring in a consultant to look
over the setup for a couple days before we do this in our production
environment. The good thing about our production environment is that we
have the same lab conditions, that is no users in the AD domain, only users
in PROD tree (about 1000 users). I'm guessing the empty AD domain will make
the synch smoother and cleaner.

We want to move to a production envirnoment where all our users authenticate
to dual NOS and hope to get the best of both worlds this way.

Any and all comments appreciated.