On 7/6/2012 3:36 AM, gumiho wrote:
>
> I am setting up Password Synchronization and the Active Directory Driver and
> have encountered the following issue.
> I would appreciate it if you guys could take a look and advise.
>
> Current architecture:
> Machine 1: Running eDirectory and Identity Manager in Network A
> Machine 2: Running Remote Loader (with Active Directory Shim and
> Driver) in Network A
> Machine 3: Active Directory with PassSync Installed in Network C
>
> Current Situation:
> Machines in Network A are unable to communicate with machines in
> Network C
> Hence, password changes in Machine 3 (Active Directory) can't be sent to
> Machine 2 (Remote Loader).
> However, both Network A and Network C are able to access Network B.
> So, I am thinking of installing an "intermediate software" that is able
> to get the password changes in Machine 3 and forward them to Machine 2.



If Network A/B/C are just different locations with firewalls in between,
and the servers are all talking AD, then you need to allow the right
ports for PassSync to work; there is no real forwarding mechanism the
way you are hoping. It needs RPC open to talk. Each DC needs to be
able to talk RPC to the box running the remote loader.


> So, technically, I wonder what this intermediate software can be?
> 1) Another remote loader machine in Network B that gets the password
> changes and forwards them to the remote loader running in Machine 2 and
> vice versa.
> 2) Another machine installed with the PassSync application in Network B that
> gets the password changes and forwards them to the remote loader running in
> Machine 2 and vice versa.
>
> If the above 2 options are feasible, are there any guides or
> instructions on it? If not, is there another solution?
>
> Thanks a million for your help!!!!
>
>