Had this question come up today, so thought I’d drop a quick post on it. The Directory Synchronization tool used with Microsoft’s Online Services does a one-way sync from your Active Directory up to the BPOS servers, and does not migrate passwords. You have to do those manually, and if you change a password in your local AD, it must be updated manually on the BPOS side.
See the Microsoft Online Services “About Directory Synchronization” page for the official wording on it.
Is this a joke? This is a huge issue for larger organizations. I’m surprised that it hasn’t come up more frequently. I wonder if people use it or if there are work-arounds or third-party solutions.
Not very efficient. This would be quite the pain for end-users and a headache for IT Administrators.
We ran across this as well. This limitation is holding up some deployments for us. There are some customers that want to use a portion of BPOS (like SharePoint, Live Meeting, Communicator, but not Exchange), but don’t want to lost the benefit of having just a single set of AD credentials that their users need to worry about.
Steve
I ran into this a few weeks ago and MessageOps has created a solution that syncs the passwords from AD to BPOS. I touched on the subject briefly on my website kalenarndt.com
Shakra Inc (Schakra.com) is a Microsoft BPOS partner and we are offering an extension that would allow password synchronization berween AD and BPOS. We are using standard Microsoft PCNS methods, hence no need for custom code on domain controllers. I’ll be happy to elaborate if, interested
HHIS I sohlud have thought of that!