MIMSync - ADLDS #204
Comments
|
If you are using the Generic LDAP Management Agent (aka Connector) you are much better off manually configuring it. The toolkit was only intended to configure the AD MA in attempt to replicate the default configuration of UPS in SP2013. There are no plans to make a version of the toolkit which supports AD LDS.
It is best practice to always specify a dedicated account for each connected data source (in this case AD LDS). You should not use the MIM Sync service account for this purpose. Why? Because the accounts used in each MA will often require specific permissions on the connected data source (in this case replicating directory changes).
There is a *service account* that runs the Sync engine (MIM Sync Service) and then the accounts which speak to the connected systems (AD LDS, SharePoint). Ideal world they should be three different accounts.
Hth
s.
From: JasonHough75 <[email protected]>
Sent: 02 November 2018 14:44
To: SharePoint/PnP-Tools <[email protected]>
Cc: Subscribed <[email protected]>
Subject: [SharePoint/PnP-Tools] MIMSync - ADLDS (#204)
Hi there,
We are trying to use this tool to get UPS sync from ADLDS. WE have installed and working the generic ldap connector. We need the connector (i.e this powershell work) to connect to SharePoint UPS with this info. but we do not have the settings that are needed :
We dont have forestDNSName because it is ADLDS.. The forest that the users are in are in a different name (thats why we have AD LDS on the SharePoint domain).
And also we do not have an UPS account becasue surely MIM will be doing the syncing - can we use the MIM account for this ??
It is driving us mad!! :)
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<#204>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AMTlCekb1CpcJB8-_uuOPKcvE48tseJAks5urFo0gaJpZM4YLyDC>.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there,
We are trying to use this tool to get UPS sync from ADLDS. WE have installed and working the generic ldap connector. We need the connector (i.e this powershell work) to connect to SharePoint UPS with this info. but we do not have the settings that are needed :
We dont have forestDNSName because it is ADLDS.. The forest that the users are in are in a different name (thats why we have AD LDS on the SharePoint domain).
And also we do not have an UPS account becasue surely MIM will be doing the syncing - can we use the MIM account for this ??
It is driving us mad!! :)
The text was updated successfully, but these errors were encountered: