We are currently moving from eDirectory to Azure ADP and local AD. We have been using NetIQ Identity manager advanced for all of our user and group role-based provisioning. Being that we are decommissioning eDir as our primary directory source and moving towards AD, and we sync our current eDir with IDM via the eDir to eDir driver and also sync the user and group GUIDs, technically I should be able to point Vibe from our production eDir instance to our IDM eDir instance via LDAP and being that the GUIDs are the same because they are sync'ed, theoretically Vibe should not treat the users and groups as new users and groups because the GUIDs haven't changed.

Has anyone tried this?

We are planning on setting up a test Vibe server, pointing it at our prod eDir then switching it over to our IDM eDir to test this theory, but any supporting evidence from others that have tried this would be appreciated.

If anyone sees holes or things to watch out for, all suggestions and comments are welcome.