Further Important Notes
Finding a domain controller to query
If the specified LDAP path starts with "LDAP://" (or no prefix) a domain controller is searched (and used for further AD queries) using the following algorithm:
| Server name | Action |
|---|---|
| Server name | Specified DC is used |
| Empty | Probe domain controllers of current domain. First connectable DC is used. |
| Comma separated list of server names | First connectable DC is used. |
Finding a global catalog to query
If the LDAP path starts with "GC://" (or no prefix) a global catalog is used for further AD queries.
Subdomains
ADSync supports users from trusted subdomains. That means, groups may not only contain users from the main domain but also users from subdomains.
Contraints
The only LDAP-implementation currently supported by ADSync is Microsoft's Active Directory (although ADSync theoretically synchronizes to any LDAP implementation).
No AD user name "ADMIN" will be synchronized to the DigaSystem (it is available and does not require an Action Right).
Reading Active Directory domain
AdSync read an Active Directory domain even if the hosting computed is not inside the domain.