Sun Java System Directory Server Enterprise Edition 6.1 Installation Guide

Resynchronizing Users or Groups

You need to resynchronize the user entries when two directory sources become out of sync. Use the idsync resync command to create users, user groups, and synchronize user and user group attributes in two directory sources. Specifically, you can use the idsync resync command to populate an empty Directory Server with the existing Active Directory or Windows NT SAM domain users.

The idsync resync command can be used in any of the following ways:

Note –

You cannot use the idsync resync command to synchronize passwords (except to invalidate Directory Server passwords to force on-demand password synchronization in an Active Directory environment).

When the Group Synchronization feature is enabled, both the users as well as the groups associated with the users are synchronized between the data sources configured. No additional options are required while using the resync command for Group Synchronization.