Hi there,
We have a scenario where we would like one-way, AD-to-eDir password sync
for some AD users but full two-way sync for others in the AD domain. At
present we have one-way, AD-to-eDir sync for all the AD users. I'd have
to open up full two-way sync and then close it off to the appropriate
users that I want to restrict.

Any thoughts on how we could selectively block the eDir-to-AD password
sync on the Subscriber? Could it be as simple as checking for a certain
group membership and removing the password change from the Modify


kmaule's Profile: https://forums.netiq.com/member.php?userid=306
View this thread: https://forums.netiq.com/showthread.php?t=50798