ADMINISTRATION TOOLS

Synchronizing users and groups
Active Directory user and group accounts can be synchronized with the corresponding Person and Group documents in the Domino Directory. Synchronizing users facilitates other user synchronization operations, such as user registration and deletion, which can be initiated through the Microsoft Management Console (MMC) or Domino. Synchronization also enables users to have a common password for Windows and for Domino Web Server access, copies all mapped field values from user or group objects in Active Directory to corresponding documents stored in the Domino Directory, and it copies member lists of the groups. The synchronization server specified in Notes Settings is used for all synchronization operations.

For more information on Notes Settings, see Specifying Notes settings.

Synchronization is initiated at these times:


During synchronization, ADSync attempts to match the Active Directory object with an entry in the Domino Directory. If more than one match is found, ADSync prompts you to specify the match from those that have been located.

The field mappings that are set in the Field Mappings table designate which fields are synchronized during synchronization. System fields that cannot be safely synchronized in two directories are excluded from the Field Mappings table.

For more information on Field Mappings, see Mapping Active Directory fields with Domino Directory fields.

If the "Set common password" check box is checked on the Synchronization Options tab on the Lotus ADSync Options dialog box, you are prompted to enter a new password during synchronization. This changes the Windows password as well as the Notes Internet password for that user.

For more information on synchronization options, see Enabling the Notes synchronization options.

Note Consult your Windows 2000 documentation for information about running and working with the MMC and the Users and Computers snap-in.