ADSync installation on all domain controller
In the knowledge base it is written that ADSync has to be installed on all domain controller.
If synchronizing from AD to CloudPanel and all DC are synchronizing among themselves, the installtion on all should be obsolete, isn’t it?
The ADSync is only meant to go on CUSTOMERS domain controllers to sync AD users attributes and passwords from their environment to your environment. Do NOT install this in your CloudPanel environment
You need to install it on all domain controllers because it registers a password filter to capture passwords and send them to CloudPanel
@jdixon But wouldn`t the password also be send to the CloudPanel if ADSync was only installed on one domain controller out of 4?
Because the domain controllers also sync across themself, or is there some problem with that? Or is it just faster with ADSync installed on all?
Password changes only happen on one domain controller and then are synced. We have to capture the password when it is changed, not synced. That is why the password filter must be on all domain controllers because we actually have no idea what domain controller the password change may occur on
@jdixon What if the customer hast multiple domain controllers in their environment?