08-16-2010 12:24 PM
Does anyone know if the TRIM DS tool can query against multi-domain active directories from a Global Catalog?
I know its simple to do different domains with different DS configurations, but I have a client that uses Global Catalog where only 1 config and LDAP server would be able to query all domains. They have demonstrated that other tools query that way, but TRIMDS is unable query the base DN of the directory without being domain specific (thus not using the global catalog).
Anyone have success using a global catalog?
08-16-2010 09:43 PM
I can confirm that TrimDS is happily syncing from a GC here (two distinct domains each with it's own TRIM user/security group).
My TrimDS LDAP connection string connects to the GC at the top level
search base dc=example,dc=com,dc=au
I then use two "entries" to query each domain separately:
Entry 1 search dn = dc=domain1,dc=example,dc=com,dc=au
Entry 2 search dn = dc=domain2,dc=example,dc=com,dc=au
It took a bit of fiddling on the AD side to get it to work, but it beats running separate synchronisations for each domain. I'm a TRIM user, not an AD tech, but I hope that's of some help!
08-17-2010 09:40 AM
Are you able to provide any info on the fiddling that was done with AD?
Your description was excellent, but we ran into an empty search window with the 2nd domain filter running against the 2nd domain search base.
Our work around was to use different connection details for each entry and that allowed us 1 config with multiple servers.
08-17-2010 07:10 PM
I'm afraid I can't provide any insight into how the GC was established - I'm well separated from that side of things sorry!
In case it's of any help, I've attached a quick working example TrimDS configuration from our UAT environment (with a few details changed to protect the guilty)
Also consider enabling verbose logging when running in report-only mode to track down any errors.