VIP LDAP Sync support with multiple ADs in different domains and forests

Article ID: 156837

Products

VIP Enterprise Gateway

Issue/Introduction

Do we support LDAP Sync on multiple ADs residing in different domains and forests?

 

Cause

 

 

Resolution

If there is one VIP EG in one domain forest and its user stores can access both domains (e.g. test.domain.com and new.domain.com), then LDAP sync will work correctly.

If there are two VIP EGs, one in each domain (e.g. test.domain.com and new.domain.com), then users will be removed on the next LDAP sync because the filters remove users based on domain ownership. A customer in this state can change the Synchronization Cluster name to be unique; this allows both LDAP syncs to run without removing users. In this configuration, using sAMAccountName is discouraged due to collisions. The LDAP syncs also need to be offset to ensure each server has enough time to finish its sync.
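The sAMAccountName collisions mentioned above can be checked for before both syncs are enabled. The following is an added example, not part of the original article or of VIP EG: it parses LDIF exports from the two domains and lists attribute values that appear in more than one domain. The sample entries are constructed, and userPrincipalName is only an assumed comparison attribute; the article does not name an alternative.

```python
import base64
from collections import defaultdict

# Constructed sample LDIF exports, one per domain (not real directory data).
EXPORTS = {
    "test.domain.com": """\
dn: CN=John Smith,OU=Staff,DC=test,DC=domain,DC=com
sAMAccountName: jsmith
userPrincipalName: jsmith@test.domain.com
""",
    "new.domain.com": """\
dn: CN=Jane Smith,OU=Contractors,
 DC=new,DC=domain,DC=com
sAMAccountName:: SlNtaXRo
userPrincipalName: jsmith@new.domain.com
""",
}

def parse_ldif(text):
    """Parse single-valued attributes from LDIF into a list of dicts."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]              # undo RFC 2849 line folding
        elif not line.startswith("#"):            # skip comments
            unfolded.append(line)
    entries, current = [], {}
    for line in unfolded + [""]:                  # trailing "" flushes last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):                 # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        current[attr.lower()] = value.strip()
    return entries

def collisions(exports, attr):
    """Map each attr value (compared case-insensitively) found in more
    than one domain to its list of (domain, dn) hits."""
    seen = defaultdict(list)
    for domain, ldif in exports.items():
        for entry in parse_ldif(ldif):
            if attr.lower() in entry:
                seen[entry[attr.lower()].lower()].append((domain, entry["dn"]))
    return {v: h for v, h in seen.items() if len({d for d, _ in h}) > 1}

if __name__ == "__main__":
    for attr in ("sAMAccountName", "userPrincipalName"):
        print(attr, "->", collisions(EXPORTS, attr) or "no cross-domain collisions")
```

Any value reported for the attribute used as the user identifier means two different directory objects would map to the same user ID across the two syncs.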

To change the Synchronization Cluster:

1.) Login to the VIP EG console.

2.) Click on Settings.

3.) On the Links bar on the left, click on System Settings.

4.) Edit and change the Synchronization Cluster name and Save.