Hi All,

I have an eDir to AD driver running in PROD with 1 of 20 odd replicas
added to the server. It's been running 1st stage of Pilot, which is the
IT staff from 1 partition.

I'd like to run "Migrate from IDVault" when I need to progress use.
However adding any replicas with the driver running processes all the
add's but also doesn't create the heavy OU structure which is mirrored.
So a lot of errors, followed by having to Migrate anyway as some users
error and others work depending on the order in which objects are
replicated to eDir on the IDM engine and synced to AD. Migrate works

I'm after everyone's experience or "best practice" on adding in many
replicas without having them all process immediately as "add's" in to

So far I'm assuming the best option (too allow me to Migrate) is to
disable the driver while adding the replicas, so that I can do a migrate
when ready. That however leaves me open to losing changes in that time
window. This of course can be mitigated with midnight changes but I'm
sure you'd all agree not the safest option.

Option 2 is just stop the driver, let the replica add process get
captured in cache. However I'd still see doing anything but starting the
driver again as too risky in case I purge the cache and again lose
legitimate changes to existing associated objects.

Thoughts? Thanks

brian_davis's Profile: https://forums.netiq.com/member.php?userid=11737
View this thread: https://forums.netiq.com/showthread.php?t=55689