How To Create the AD LDS UnitySync User Account and Sync Container
Created: 2012-04-20 08:09:59
Modified: 2017-04-26 11:11:04
Tags: AD LDS ADAM UnitySync
This article outlines the steps required to create the UnitySync AD LDS User Account and the AD LDS sync container. Perform the following steps in ADSI Edit.
Create the Sync container (where the sync will create objects):
- Select the root in which to create the new container.
- Click New > Object > Organizational Unit > Next
- Enter the container name value (e.g. Jons World), click Next, click Finish.
- If your AD LDS user login will not be an Admin account, you’ll need to apply Special Permissions, giving your non-Admin user account write access.
Create the AD LDS UnitySync user login account:
- Select the root in which to create the UnitySync user account.
- Click New > Object > User > Next
- Enter the user name value (e.g. JonDoe), click Next, click Finish.
- Right click the new user (e.g. CN=JonDoe), select Reset Password.
- Enter the password, confirm password and click OK.
- Open CN=Roles.
- Right click CN=Readers, select Properties.
- Double click the attribute ‘Member’.
- Click Add AD LDS Account.
- Enter the DN of your UnitySync User Account (e.g. cn=JonDoe,dc=acme), click OK.
- Click OK
- Right click your UnitySync user account (e.g. CN=JonDoe), select Properties.
- Double click attribute msDS-UserAccountDisabled, select FALSE, click OK.
- Double click attribute msDS-UserDontExpirePassword, select TRUE, click OK.
NOTE: The DontExpirePassword setting is not required, but is recommended. The password is specified in each UnitySync connection. If this is set to FALSE and the password expires and is reset regularly, you must update your UnitySync connections with the new password at the same time.
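
The same procedure scripted with the ActiveDirectory PowerShell module, as an added example that is not part of the original article. The server address localhost:389 and the partition dc=acme are assumptions, the object names are the article's samples, and the final block reads back the attributes and role membership so the result can be checked.

```powershell
# Added example, not from the original article.
# Assumptions: AD LDS instance at localhost:389, partition dc=acme,
# ActiveDirectory module installed, run by an AD LDS administrator.
Import-Module ActiveDirectory

$server    = 'localhost:389'              # assumed host:port
$root      = 'dc=acme'                    # assumed partition root
$userDn    = "cn=JonDoe,$root"            # sample name from the article
$readersDn = "CN=Readers,CN=Roles,$root"

# 1. Sync container (where the sync will create objects).
New-ADObject -Server $server -Type organizationalUnit -Name 'Jons World' -Path $root

# 2. UnitySync login account.
New-ADUser -Server $server -Name 'JonDoe' -Path $root

# 3. Set the password. It is read interactively so it never appears in the
#    script or in command history.
$pw = Read-Host -AsSecureString -Prompt 'Password for JonDoe'
Set-ADAccountPassword -Server $server -Identity $userDn -Reset -NewPassword $pw

# 4. Add the account's DN to the member attribute of CN=Readers.
Set-ADObject -Server $server -Identity $readersDn -Add @{ member = $userDn }

# 5. Enable the account and stop the password from expiring.
Set-ADObject -Server $server -Identity $userDn -Replace @{
    'msDS-UserAccountDisabled'    = $false
    'msDS-UserDontExpirePassword' = $true
}

# 6. Read back what was set. The Administrators lookup assumes the default
#    CN=Administrators role object exists in this partition.
$u = Get-ADObject -Server $server -Identity $userDn `
        -Properties 'msDS-UserAccountDisabled', 'msDS-UserDontExpirePassword'
$readers = Get-ADObject -Server $server -Identity $readersDn -Properties member
$admins  = Get-ADObject -Server $server `
        -Identity "CN=Administrators,CN=Roles,$root" -Properties member

[pscustomobject]@{
    Account          = $u.DistinguishedName
    Disabled         = $u.'msDS-UserAccountDisabled'      # expected: False
    PasswordNoExpire = $u.'msDS-UserDontExpirePassword'   # expected: True
    InReaders        = $readers.member -contains $u.DistinguishedName
    InAdministrators = $admins.member  -contains $u.DistinguishedName
}
```

The script does not apply the Special Permissions mentioned for non-Admin accounts; write access on the sync container still has to be granted separately.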