Return
-
Title
ODMAD: Do the On Demand migration accounts used by the agent servers only require rights for the domain in which they're in? -
Description
Do the On Demand migration accounts used by the agent servers only require rights for the domain in which they're in.
We have agents in each domain that run with a service account native to that domain, currently the service accounts are configured with rights on all of the domains.
-
Resolution
What is required to get Directory Sync set up?
You will need 2 items to get started with setting up Directory Sync.
- The authorized account(s) that allow changes to your local and/or cloud directories
- At least one (1) local on-premises server to host the local agent (if applicable)
Local Active Directory Account
- The agent installer will prompt for a domain account with permission to read and write on-premises Active Directory.
- An agent intended to sync all domains in a forest, must have access rights to all domains and objects used in workflows.
For additional details, refer to our user guide at https://support.quest.com/technical-documents/on-demand-migration/current/active-directory-user-guide