We have a need to synch groups between two AD forests, using only the Synchronization Service.
I can import the groups in one forest into the MV, with the members, and I can provision a group with the same name in the second forest, but I need to lookup the equivalent user ID in the second forest and add them as members to the provisioned group. But since the member attribute is a ReferenceValue, nothing I try works.
I know that Group Management in the Synch Service has never been a robust feature, but is there any way to make this work?
Ed Bell - Specialist, Network Services, Convergys