Hoping to make a most clean as possible sync between our eDirectory and
Active Directory I've tried making two drivers, one that syncs our user
container and the other that syncs on specific groups container.
say the tree looks like :
The result now in using a two driver setup (one thats looking at changes
in OU=USERS <> OU=USERSeDir , and the other looking at OU=GROUPS-APPS <>
OU=GROUPS-APPSeDir) is that the users and groups are coming across fine
but group memberships are not being synchronized.
The error in shot is:
Code(-8003) Unable to synchronize reference ... attribute Member
It even seems that when adding a synced user to a synced group from the
Active Directory side, in eDir it purges the backlink the user has to the
group within the eDirectory, which of course is not good. The two drivers
are not working together as I would think.. but then, Im no IDM expert.
Anyone know how to get around this / fix this?
What does work is the standard AD driver setup and letting all containers
sync.. but I was looking for a elegant setup without the driver getting
too complex... :/
Any help would be greatly appreciated!