LDS 2008 questions for 2003 AD and 2008 AD forest trust

Discussion in 'Active Directory' started by Transam388, Dec 30, 2008.

  1. Transam388

    Transam388 Guest

    We currently are trying to put a solution in place that will allow a single
    sign in for SAP and other applications between two AD Forests with a trust.
    This is basically a break away from the original 2003 domain and then
    migrating users to the new trusted 2008 domain. The trust is at the Forest
    root.

    Now SAP uses an LDAP lookup to AD for user authentication and in order to
    break away from the original domain and not keep an account on both domains
    we are considering LDS 2008. SAP would then point to LDS to authenticate
    instead of pointing just to the original domain LDAP lookup. To add to this
    we would like to try to streamline this operation instead of creating more
    work for the original domain admins. So, is it possible for AD to
    automatically replicate new users and deletes up to LDS instead of that
    having to be always manually done?

    So we set the two domains in LDS and then when new users are placed in any
    of the domains or removed they will automatically be added or removed from
    LDS.

    Again this solution sounds like it would solve our SAP issue but also just
    sounds way to manual and creates a lot of admin overhead for whoever manages
    the LDS.

    Thanks!
     
    Transam388, Dec 30, 2008
    #1
    1. Advertisements

  2. Jorge de Almeida Pinto [MVP - DS], Dec 30, 2008
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.