2.2 eDirectory Tree

The first DSfW server in a tree creates a forest, and only one forest can be created for each eDirectory tree. A DSfW domain can include one or more contiguous partitions. The figure below depicts mapping of multiple eDirectory partitions to a single DSfW domain and mapping each eDirectory partition to a respective DSfW domain.

2.2.1 Name-Mapped Installation

Follow the guidelines in this section as you install DSfW into an existing tree:

In a name-mapped installation scenario, only one top-level container (O or OU), including its sub-structure, can be integrated into the DSfW forest structure.
Every DSfW domain must be mapped to a partition in eDirectory. The name of the domain and the organizational unit that is planned to be mapped can be different. For information on eDirectory partitioning, see Managing Partitions and Replicas.
After the DSfW domain is mapped to an eDirectory partition, its sibling partitions and its top-level partition in the eDirectory tree cannot be mapped to a DSfW domain. Ensure that you map a DSfW forest to the top-most partition in eDirectory tree, so that all the needed partitions can be brought under the DSfW domain.
After DSfW is configured, the DSfW domain name and the first eDirectory partition that is mapped to the DSfW domain cannot be modified. For more information, see Leveraging an Existing eDirectory Setup and Deploying DSfW in a Name-Mapped Setup.
If the eDirectory tree has more than one organization that needs to be part of the domain, you must redesign or restructure eDirectory. Using “Alias objects” does not work. Instead, you can create a separate DSfW tree and use Identity Manager (IDM) to synchronize.

2.2.2 Non-Name-Mapped Installation

If you are introducing DSfW as a new tree in the enterprise, a container is created in DC (Domain Class) notation and is partitioned and mapped to the domain. This container is the root for all other subsequent domains. The name of the container to be created is derived from the DNS domain name.