Hi,
I'm looking at a problem at the moment where there is a desire to have users who may have multiple AD accounts across domains who will want to be able to change their password from either and have it sync to the other (as well as some other targets but there's no problem there).
The problem is that you can't set an AD Domain as both a Target and a Source for PCNS because it will result in an endless loop.
Can AD Policies help here? Something like setting the password only able to be reset once an hour? Will PCNS timeout and quit the loop or does it just keep going up against something like that?
Someone suggested re-writing PCNS. I admit I'm a little ignorant here. Would this be a large undertaking to re-write PCNS? It seems to be just one .dll, but who knows what's in there! And even if I had the means to have it re-written, would it even be possible to accomodate what I'm trying to do? That is, sync both ways across two domains for the same user. Do MS release the source for .dlls like this? I've had a bit of a search around but haven't found too much. Are there any resources you'd recommend to investigate this sort of thing?
Thanks for any help,
Dan