Windows AD domain
NetWare 6.5 eDir
IDM 3.0.1

1. The environment is NetWare 6.5 with the Novell Client installed on
clients, where users log on using their Novell account. The Windows XP
desktop has restrictions, so the user cannot make any changes to the PC.

2. I have a Windows application running on a Windows member server in
an AD domain. A feature of the application requires specified users to
be a member of its local group on the Windows server it is installed
on. This gives the relevant rights for those users to use the feature
within the application via a shortcut on their desktop.

I have created a Global Security group in the AD domain and made this a
member of the local Windows group where the application is running.

3. The IDM engine is installed on the NetWare server with eDir and a
Remote Loader is running on a DC within the AD domain.

4. I have created an AD driver based on the supplied Active Directory
XML file within IDM and set up a one-way update from eDir to AD.

What I would like to achieve, but have not managed to do yet, is that when a
user in eDir is made a member of a group in eDir, this update is
replicated to AD to a same-named group, which has already been
created in AD.

5. The scenario is that a user logs onto their PC using their Novell
account. If that user is a member of an eDir group, i.e. EQTest, this will
have been replicated to the Global Security group, i.e. EQtest, in the AD
domain, which as I mentioned before is a member of the Windows local
group where the application resides. So, this means they can run the
feature within the Windows application via a shortcut. Will this work?

What needs to be replicated over to AD? Does the user object and
password need to be replicated as well as its membership of a group? If
so, how do I do this? Is there a simple guide on how to do it?

Thanks in advance.

MReda's Profile: http://forums.novell.com/member.php?userid=21184
View this thread: http://forums.novell.com/showthread.php?t=334263