We have 5 source forests consolidated in to one ADAM instance (running on Win 2003 R2 member server for a domain). We have imported the schema and users from the 5 forests and they are all collapsed in to on big ADAM tree structure ending with DC=ADAM,DC=local
Our external application is pointing to ADAM for (1) User Account Sync and (2) Authentication
Question: When ADAM receives a user auth request from external application, how does it decide to pass it on to the right Domain Controller in the right domain/forest?
My assumption: I think it uses SID to locate the home domain for a user and accordingly proxies/forwards the user auth request. If this is correct, then does it matter what a user account's Distinguished Name (DN) on the ADAM is? Does DN matter? Right now we
have a lot of over-lapping OU structures in all 5 source forests and they have all been collapsed in to one BIG ADAM tree structure. All their DNs end with DC=ADAM,DC=LOCAL. I am worried if this is going to be a problem. Does DNs matter at all for ADAM?
Thanks in advance!