1.0 Understanding the Multi-Domain Active Directory Driver

The NetIQ Identity Manager driver for Multi-Domain Active Directory supports provisioning of multiple domains in an Active Directory forest. This driver also supports cross domain object synchronization for a forest. The driver simplifies the overall deployment and integration of the entire Active Directory forest with the Identity Manager solution.

The existing Active Directory driver is actively in use and suffices most of the Identity Manager deployment scenarios. The Multi-Domain Active Directory driver enables your enterprise with multiple domain support.

The driver provides the following key features:

  • Supports object synchronization across domains for a forest

  • Supports user provisioning and group membership through entitlements

  • Provides bidirectional password synchronization

  • Supports nested group membership synchronization

  • Supports automatic Domain Controllers (DC) discovery for domains

  • Supports DC failover

  • Supports PowerShell Cmdlets and Exchange mailbox provisioning

  • Provides scalability using separate messaging queuing system for each domain

  • Supports Permission Collection and Reconciliation Service (PCRS)

This section contains high-level information about how the Multi-Domain Active Directory driver functions.