AD Password Hook & Installation of SAP IC
the AD password hook, which is intercepting the password change on an Active Directory Domain Controller, is calling a SAP IC executable to run a job that is stored in a .dse file in the file system. This means that SAP IC needs to be installed on the domain controller. As most customers have multiple domain controllers, the AD password hook and the SAP IC need to be installed on all domain controllers.
Is there a way to avoid installing the SAP IC software on the domain controller? Customers are typically pretty restrictive about software that needs to be installed on the DC.