Password Sync between two forest
Hello Guys, Recently i have implemented Fim 2010 to Synchronize user and password from abc.local to xyz.local domain through PCNS service. I have Installed PCNS and create SPN and configured PCNS on all source domain controller of abc.local. When i create new user in abc.local, it synchronized with xyz.local based on workflow and also when i reset password of that new user which is synchronized through FIM in xyz.local, then password also synchronize. But we had also migrated few users from abc.local to xyz.local through ADMT from FIM 2010 and now when i reset password of those users then password doesn't synchronize with xyz.local. Only migrated users from ADMT, reset password is not synchronizing. But when i create new user in abc.local it synchronized with xyz.local even though reset password.
September 20th, 2012 8:14am

Without seeing your actual setup, it's hard to say for sure, but check that the user accounts from both domains are connected to a common MV object in the Sync metaverse. That might explain why the password change doesn't find its way to the destination.Frank C. Drewes III - Architect - Oxford Computer Group
Free Windows Admin Tool Kit Click here and download it now
September 20th, 2012 4:55pm

Password migration (whether via ADMT, QMM, etc.) doesn't trigger PCNS. The reason is that password migration moves the password hash at a very low level; the cleartext password is unavailable at this point. PCNS and FIM are unable to work with password hashes--they require the cleartext. More information here: http://support.microsoft.com/kb/2693392
September 20th, 2012 5:20pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics