Hi,
We are starting a migration to w7 (finally :)) but it comes with a AD migration to a different domain too :(
User A has an account in Domain A that is synced with FIM to Domain B
User A connects to SharePoint in Domain A but when he recieves his W7 machines he will use his account in Domain B so he connects to SharePoint in Domain A with a user in Domain B.
This will go on for 2years as we are planning to migrate not everyone in the same time so we need to duplicate the accounts from domain A with account from domain B and we will have a big mess of user permissions the next 2 years.
We will write a script that will do that duplication but;
The site owners need to add the users they want on their site and we want them to only see the Domain A accounts in the "browse user" function.
I restricted this with this
Set-SPSite-Identityhttp://portal.contoso.com/sites/US-UserAccountDirectoryPath"OU=US,OU=SharePoint,DC=Contoso,DC=com"
But we 'admins' still need to be able to add domain B users... And if I execute this command, i can't resolve the names from domain B anymore. Is there a way to hide the Domain B accounts from the search function but still be able to resolve them?
When an owner wants to resolve an account, it will always be the one in domain A so that's perfect but I don't want them to add domain B accounts because we will do that with a script.
Anyone an idea?
Thnx!