This is probably a dumb question, but here's what I have to work with:

We have eDirectory that is synced via IDM to AD for USERS only. Our eDir tree is heavily partitioned and replicated due to our 50+ WAN locations. However, our AD is "flat" (ie, all users are in cn=users or something).

We have all our pc's are members of the Domain (so all the workstations show up in AD).

Here's my quandry for USERS sources:

a) 99% of my users are in eDir, (well okay all of them are). However, we have one site that has it's own AD Domain, and NO Novell client on their pc's. So when those users login, they use their own userid/passwords on their own AD Domain. (they exist in eDir as purely LDAP users for our timecard system, but that's it).

So I kinda "need" to have two User Sources. One that points to eDir for every BUT those users, and one that would point to THAT SITE's AD for their own users, in order to get a "seamless" login to the workstation and ZCM.

Is this possible?

We've always had issues of pc's not showing up in ZEN 7 (agent not working properly, etc.) But, we can "guarantee" they'll exist in AD (if it doesn't, then user cannot login).

a) Can I have my USERS be in eDir and the "other site" AD, yet pull the workstations in from TWO different AD domains?

I THINK there's like an LDAP import for workstations that can be scheduled.

We normally assign bundles (regular bundles, not patches) to USERS or User containers.

We do, however, assign GPO to workstations, and obviously patches.

I guess I'm trying to avoid any issues with multiple sources of information (users and workstations)

Any suggestions/ideas?

I cannot use AD as a user source, (except for that one site) mainly because our AD is flat and I need the hierarchical structure of our eDir (and it's going to take a LOT of work to re-adjust our eDir to eDir and then eDir to AD driver).

Thanks for any help.