Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

Configuring the Group Synchronization Settings

You can create or delete a group, and associate or disassociate users with that group in a directory environment. If Group Synchronization is enabled, the changes that you make in one directory environment automatically propagate to the other directory environment. All the users are synchronized across the directory servers with their group membership intact.

Note –

When Group Synchronization is enabled, the uniquemember Directory Server attribute and the member attribute Active Directory attribute are internally mapped.

ProcedureTo Configure the Group synchronization Settings

  1. In the Console, click the Configuration tab, then click the Groups tab.

  2. Select the Enable Group Synchronization check box.

    Enabling Group Synchronization
  3. From the drop-down menu, choose Domain Global Security or Domain Global Distribution to propagate groups from Sun Directory Server to Active Directory.