返回
-
标题
MemberOf attribute is not synchronized between domains -
说明
Active Roles Synchronization Service can read the "MemberOf" attribute on a user, but it is not written to target domain. It is in the "Rules to modify object attributes" update step of the workflow, and there is both group and user mapping in place. -
原因
Members of a group are stored as a DN value on the Group. members of the Group need to be synced, once the group is successfully synced, the corresponding users will show their "Memberof" attribute up to date. -
解决办法
1.- Create User objects from ForestA to ForestB. Attribute "Memberof" should not be synced here.2.- Create Group objects from ForestA to ForestB. Attribute "Members" should be synced here.