User creation is not the responsibility of Identity Synchronization for Windows in this deployment. Therefore, new users that are added to Directory Server using Identity Manager will not be linked to the corresponding entries in Active Directory domains, or conversely. To establish this link for new users, an administrator must periodically execute idsync resync so that password changes for the new entries are synchronized.
The frequency with which this operation is executed is the administrator’s decision and the periodic automated execution is performed using a scheduled UNIX cron job. For details, see Periodic idsync resync Operation for Primary Installation.