Share via

How to use MIM 2016 to Synchronize user Attributes between two separate forests

Steven Sharamatew 20 Reputation points
2023-06-20T09:06:50.2033333+00:00

Can I use MIM 2016 synchronization service to synchronize user attributes between two separate Active Directory forests? For example, can I JOIN the two separate AD forest user objects on SamAccountName and Synchronize:
Attributes 1,2,3 from AD1 User to matching SamAccountName into AD2
Attributes A, B, C from AD2 User to matching SamAccountname into AD1

Trying to do this with two AD management agents: "AD1 MA" and "AD2 MA"

I can get the objects to project into metaverse but they will not join.

Thanks

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
857 questions
0 comments
Accepted answer
  1. Sylvain Clb 946 Reputation points
    2023-06-23T14:50:42.1866667+00:00

    Hello Steven,

    Yes, you can do it. It is a supported scenario.

    You have to define a join rule on your AD MA1 or 2 or both.

    For Example, if you have a strict match on the SamAccountName or any other attributes.

    You can also have multiple criteria to join your users.

    See this post for understanding what is the join rules in MIM: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/understanding-joining/ba-p/974576

    BR,
    Sylvain

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.