Does Identity Syncronizer modify the Active Directory schema in any way?
No. Identity Syncronizer does not alter the Active Directory schema and all of its information is stored in a centralized SQL database. This is to maintain compatibility with Microsoft and any changes they make to Active Directory.
Since you’re storing information in a SQL database, how is sensitive information within the Identity Syncronizer platform protected?
Our first line of defense is the security built into SQL Server itself, however due to the nature of IDSync we take many extra precautions. All sensitive information stored in the IDSync database is first salted with random data elements and then encrypted with 256-bit AES encryption. Even if a user were able to access the SQL server database — the sensitive information stored within IDSync would be unreadable and unalterable.
Can I install the Identity Syncronizer extensions to ADUC (Active Directory Users and Computers) on my Network Administrators workstations?
Yes. Identity Syncronizer’s ADUC integrations can be installed on any number of machines including network administrators so they can administer users without remote access to the domain controllers.
Identity Syncronizer displays a tab in Active Directory for each application that it integrates with. Is this supported by Microsoft?
Identity Syncronizer uses an interface and API provided by Microsoft to provide this tight level of integration. It is fully supported by Microsoft as it is the same mechanism that they use to support their own integrations.
Does Identity Syncronizer support synchronization of password to integrated applications? What if a user changes their password at their workstation with CTL+ALT+DEL?
Identity Syncronizer integrates directly with Active Directory so when a user changes their password (regardless of what method is used) the password is automatically updated to all integrated applications.