Windows and Active Directory Integration
ID-Synch® uses the NTLM client built into the Windows server OS to manage passwords on Windows NT servers and domains.
ID-Synch uses either the NTLM client or the LDAPS client (through ADSI) built into the Windows server OS to manage passwords on Windows / Active Directory domains. Note that LDAPS requires an SSL certificate to be installed on the domain controllers (DCs).
Active Directory target integration supports multiple, concurrent forests and domains and does not require any trust relationships.
The ID-Synch Active Directory agent is able to dynamically identify the most suitable domain controller(s) on which to make password updates, in order to expedite replication of the new password and intruder lockout flag for the user. For example, a password update and cleared lockout may be set on a DC in the same site as the user's current workstation (identified by IP address) or nearest the user's home directory file server.
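The site-based selection described above can be illustrated with a longest-prefix match of the workstation's IP address against AD subnet-to-site mappings. This is an added example, not ID-Synch code; the subnets, site names, DC host names and the single fallback site are constructed assumptions.

```python
import ipaddress

# Constructed sample data (assumptions): AD subnet objects mapped to sites,
# and the domain controllers located in each site.
SUBNET_TO_SITE = {
    "10.0.0.0/8": "HQ",
    "10.20.0.0/16": "Calgary",
    "10.20.30.0/24": "Calgary-Lab",
    "192.168.50.0/24": "Branch",
}
SITE_TO_DCS = {
    "HQ": ["dc1.hq.example.test", "dc2.hq.example.test"],
    "Calgary": ["dc1.cal.example.test"],
    "Branch": [],  # site with no local DC
}
FALLBACK_SITE = "HQ"  # simplification: real AD uses site links and coverage


def site_for_ip(ip, subnets=SUBNET_TO_SITE):
    """Return the site whose subnet most specifically contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None  # (network, site) with the longest matching prefix so far
    for cidr, site in subnets.items():
        net = ipaddress.ip_network(cidr)
        if addr.version != net.version or addr not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, site)
    return best[1] if best else None


def dcs_for_workstation(ip):
    """Pick the DCs on which to apply a password update for a workstation IP.

    Prefers DCs in the workstation's own site so the new password and the
    cleared lockout are usable locally before replication completes; falls
    back to FALLBACK_SITE when the IP maps to no site or the site has no DC.
    """
    site = site_for_ip(ip)
    dcs = SITE_TO_DCS.get(site, []) if site else []
    if dcs:
        return site, dcs
    return FALLBACK_SITE, SITE_TO_DCS[FALLBACK_SITE]


if __name__ == "__main__":
    for ip in ("10.20.1.15", "10.20.30.7", "192.168.50.9", "172.16.0.1"):
        print(ip, "->", dcs_for_workstation(ip))
```

An IP address that matches no subnet usually indicates a missing subnet object in AD Sites and Services, which is worth logging rather than silently falling back.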
In either case, no agent software is installed on the target Windows domain controllers.
ID-Synch can create, delete, enable, disable, modify, rename and move users on Windows NT servers, Windows NT domains, Windows 2000/2003/2008 servers and Active Directory domains. It creates new Windows users by cloning existing ones, copying and adjusting hundreds of native Windows, Active Directory and Exchange attributes in the process. It can also manage the membership of users in Windows and Active Directory groups.
When managing Windows/AD users, ID-Synch can also create, update and move Exchange mailboxes; create, populate and set ACLs on Windows home directories and more. In other words, it can manage the entire Windows-platform user profile, rather than just AD user objects.







