Chapter 6. Synchronizing Active Directory and Identity Management Users

Red Hat Enterprise Linux Identity Management uses synchronization to combine the user data stored in an Active Directory domain and the user data stored in the IdM domain. Critical user attributes, including passwords, are copied and synchronized between the services.
Entry synchronization is performed through a process similar to replication, which uses hooks to connect to and retrieve directory data from the Windows server.
Password synchronization is performed through a Windows service which is installed on the Windows server and then communicates with the Identity Management server.

6.1. Supported Windows Platforms

Synchronization is supported with the following Active Directory functional levels:
  • Forest functional level range: Windows Server 2008 - Windows Server 2012 R2
  • Domain functional level range: Windows Server 2008 - Windows Server 2012 R2
The following operating systems are explicitly supported and tested for synchronization using the functional levels listed above:
  • Windows Server 2012 R2
  • Windows Server 2016
PassSync 1.1.5 or later is compatible with all supported Windows Server versions.