One of the most common issues in dealing with multiple Active Directory domains is handling different sets of passwords. Be it for domain migrations or maintaining separate domains for desktop login and Exchange mail box access, users have to handle different passwords for each domain. This would complicate user password management and result in an increase in the number of password-related tickets, eventually affecting overall productivity.
This article will show how you can synchronize passwords between two or more AD domains using ADSelfService Plus.
Note: You can create multiple OU and group-based policies in ADSelfService Plus that define the self-service features accessible to different users.
For example, if you wish to synchronize the passwords of all managers in your organization between two domains say, manageengine.com and america.manageengine.com, then select america.manageengine.com as Domain Name and the policy associated with managers in manageengine.com from the Associate Policies drop-down list. In this example, password changes in the manageengine.com domain will get reflected in the america.manageengine.com domain.
Configuring password sync between two AD domains
Linking user accounts between domains is essential for password synchronization to work. By default, user accounts will be automatically linked based on the SAMAccountName AD attribute. ADSelfService Plus also allows you to link user accounts based on any attribute of your choice.
Selecting account attribute
Like this tip? Get the most out of ADSelfService Plus by checking out more tips and tricks here.
Need further assistance? Fill this form, and we'll contact you rightaway.
Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console.
Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus!
Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.
Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more.
Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.