Have some data in the form of attributes to be shared on the directory attached to users and groups containers/OU or group policy.
The current AD DS has OU and container groupings of users which doesn't match the way this data should be applied, so we want to apply a different grouping without using Group Policy and groups.
It has been decided by others (we are yet to persuade otherwise) that the data should also not be on the main AD DS.
So hope is to create AD LDS with a subset of users from AD DS and maintain them in a different OU/container structure.
Is this possible?
Edit: Background
Some administrators don't like to change their AD schema to add new attributes, or just want to manage certain application data as separate entity from the main directory.
These same admin had an LDAP datastore separate to AD, not synched containing the app data. In the LDAP datastpre they had a per department (multiple departments) structure of
Department Department/Testers Department/Admin
So that Admin and Testers got the default attributes applied to all users + some extra settings or overridden settings.
In the AD DS this structure isn't present.
They now wish to remove this LDAP datastore (reasons unexplainable) and use ADAM or ADLDS instead. They don't seem to know ADAM/ADLDS and want to know how to migrate with as little effort as possible the data on containers/OU and users from the LDAP to the AD AM/LDS keeping the same settings for each user. I have no idea on what tools they have available already or what they might use to make this replicate/synch nicely.
0 Answers