I have two domains with a two-ways trust relationship (selective authentication). Microsoft Identity Manager is installed, configured and "Password Change Notification Service" is configured and properly delivers password changes with RPC requests to the target FIMSyncronization Service (Kerberos authentication also working properly).
Two AD management agents are configured in MIM: One for the "source" domain and another one for the "target" domain.
Which attributes and join/projection rules need to be configured in order to allow password synchronization on "source" agent and "target" agent?
Official documentation is unclear on that matter and all examples on the Web don't give any hints regarding needed rules/attributes/mapping for password Synchronization.
Plus 'unicodePwd' attribute is write only in Active Directory and there doesn't seem to be any relevant attribute in Metaverse to store this password hash.