I need to sync accounts from one directory to another directory such that users can access a service using their same password in both domains.
Trusts are NOT an option, this is a service-provider type relationship (think Office365 or Azure, but not those service exactly).
AD-LDS is NOT the right solution, I went down that road very far...this will work perfectly with TRUSTS.
I was thinking that Forefront Identity Manager / FIM 2010 / MIIS Server 2003 would do it, but docs and white papers are sparse on exact implementation scenarios...is this what I need to use? Is there something else? I understand that the password will not sync EXACTLY, and that after being implemented passwords will need to be changed on the SOURCE domain to force the sync to the target domain.
Any advice is appreciated, thanks!