Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Recently, worked on a scenario with Project Server 2010 AD sync with cross forest one way trust. You have two domains A and B. Project sever is on a member server in Domain A. All the users are located in Domain B. A trust B.
Outgoing: Users in the specified ___domain can authenticate in the local ___domain, but users in the local ___domain cannot authenticate in the specified ___domain. This trust is not transitive. Only users from the directly trusted ___domain may authenticate in the trusting ___domain.
In a one way trust scenario if the PSVR is configured using the ___domain A service account, Active Directory sync will not work as Domain A service account does not have access to read the Domain B resource information. However, You can use ___domain B account as service account and reconfigure the service application and application pool accounts in Project Server farm. I would suggest to reconfigure the farm using all the service accounts from Domain B to avoid any other access related issues.
Few of the recommendations around successful AD Sync
- Avoid having Inactive users in AD group. This may cause AdminNTAccountNotFound error,
- Avoid empty AD groups
- Avoid nested groups with circular dependencies.
- Avoid duplicate accounts. This may cause 'ResourceNameAlreadyInUse' error .
And you are good to go.
An extract from the link https://technet.microsoft.com/en-us/library/gg982985.aspx
 Note: |
|---|
Project Server 2010 does not support synchronizing your Enterprise Resource Pool or security groups with Active Directory users across different domains in which only a one-way trust relationship exists between domains. It is possible for Active Directory user to synchronize with SharePoint Server 2010 in a cross-forest deployment in which a one-way trust relationship exists between domains (see Resolve accounts across multiple forests (SharePoint Server 2010). However, Project Server 2010 does not support this scenario. |
Comments
Anonymous
November 19, 2012
Excellent article..MaulikAnonymous
July 24, 2013
Thanks Maulik.