Our idea is to implement an automatic synchronization between a remote Active Directory (customer AD) and the local Domino directory (us). This is to manage the single sign-on of remote web users not belonging to the local domain in our web applications provided by a Domino HTTP server that is installed on our network.
Our customer asks us to use their Active Directory credentials to access our web applications. Today we can do this by configuring the SAML login between the client's ADFS and our Domino server, but the modification of the customer's Active Directory is not managed. If the customer adds or deletes a user, this change is not traced in our Domino directory, causing a 401 error during web application login.