If I create a userProxyfull object in AD-LDS and want to include an attribute that exists in AD but I want to have a different value actually be stored in AD-LDS, is this possible? An example would be mail or objectGUID perhaps. So when I try to look up a user in AD-LDS who is represented by a userProxyfull object, will it return the mail from AD or the one I created for it in AD-LDS?
Asked
Active
Viewed 277 times
1 Answers
0
userProxyFull objects are used to perform authentication against AD for external use, without hitting the AD directly from outside. Everything is stored in ADLDS and will be retrieved from there. The ADLDS and AD users are connected using ObjectSid. The user must be created in AD before it can be created in ADLDS. The GUIDS will also be different.
smr5
- 2,593
- 6
- 39
- 66