By default, passwords are stored in Active Directory using irreversible encryption, which means that AD stores only hashes of the passwords, but not the actual passwords. For this reason, it is only possible to retrieve a password when it is set via Adaxes. In other words, it is possible to synchronize a password only when it is changed or reset or when a new user account is created using Adaxes.
For this purpose, you can create Business Rules triggered after
- creating a new user,
- changing the password of a user,
- resetting the password of a user.
The Business Rules will automatically update the password for a similar user account in the other domain.
To help you with the actual Business Rules, can you provide more detail on how are users related between each other in both the domains? Do they have the same username? Maybe, the OU structure is similar, and also their Distinguished Name is similar less the domain name? Can you provide as much detail on this as possible?