Thought I'd join in in this discussion.
I have setup a resource forest and can log onto accounts created in the resource forest prior to synchronising the msRTCSIP-OriginatorSid attribute. The second I assign the msRTCSIP-OriginatorSid to the user object in the resource forest, I can longer access the account from either the resource forest or the user forest.
After I assign the msRTCSIP-OriginatorSid attribute, I am obviously meant to log on using the SIP address and passthrough should 'just work'. It however always prompts me for my SIP login, username and password and does not accept either username/password from the resource domain or user domain.
Is it mandatory for the resource account to be disabled and must all attibutes match? Ie. Display name, etc. I don't see why it would matter so long as the msRTCSIP-OriginatorSid attribute matches.
|
Attribute |
User A in User Forest |
Disabled user account for User A in a Resource Forest |
|
Cn |
Dylan |
Dylan |
|
ObjectSID
Note In a deployment that includes Microsoft Exchange Server, set the ObjectSID attribute to the value from the msExchMasterAccountSID attribute. |
sidDylan |
|
|
ms-RTC-SIP-OriginatorSID |
|
sidDylan |
|
ms-RTC-SIP-TargetHomeServer |
|
|
|
telephoneNumber |
555-1234 |
555-1234 |
|
displayName |
Dylan Miller |
Dylan Miller |
|
givenName |
Dylan |
Dylan |
|
Surname |
Miller |
Miller |
|
physicalDeliveryOfficeName |
4500 |
4500 |
|
l (city) |
Redmond |
Redmond |
|
st (state) |
WA |
WA |
|
Country |
U.S.A |
U.S.A |
|
Title |
Director |
Director |
|
Mail |
dylan@contoso.com |
dylan@contoso.com |
|
Company |
Contoso |
Contoso |
Any help would be much appreciated.
