Internal Windows 2008 R2 (FFL/DFL) AD
Internal Windows 2012 R2 (FFL/DFL) AD
No trust (could potentially exist)
I have a requirement to provide a continuous object (user+group) sync from multiple ldap sources (mostly AD but a single instance of OpenLDAP).
There are currently no trusts between these directories so I was hoping to get some guidance on the following options:
1: Deploy a FIM setup
2: Create a trust a use ADMT as a object migration/merge tool (create PES for passwords)
3: Use DirSync (Non Azure)
4: 3rd party tool like 'Binarytree'
I was hoping to see if there were any options I may have missed and or any preferred methods for basic user/group object sync between AD (on-prem).