On 21/02/2010 11:26, Stefan Jurisch wrote:
Hi,
On 20.02.2010 17:28, Dieter Kluenter wrote:
>> I am looking to setup a LDAP server that can pull certain user
>> attributes from Active Directory like userid (sAMAccountName), cn, sn
>> and populate some other attributes like public keys via user input.
>>
>> Is it possible to automate the AD to LDAP replication using syncrepl?
>> Also, looking at syncrepl documentation, it isn't clear how syncrepl
>> adds records? For example, if a new user gets added on the master, how
>> does the replica know what objectclasses to include while adding that
>> user?
>
> Ask Microsoft to implement RFC-4533 into AD.
That would be the best thing to do; but there are some possibilities to do some sort of
repl in other ways.

Indeed. May I suggest you take a look at Ldap Synchronization Connector
(LSC), which can easily be used to synchronize some attributes to/from AD.
This page lists some tips when trying to read/synchronize with Active
Directory (they are general tips, not LSC-specific):
http://lsc-project.org/wiki/documentation/1.1/howtos/activedirectory
Hope this helps,
Jonathan
--
--------------------------------------------------------------
Jonathan Clarke - jonathan(a)phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) -
http://lsc-project.org
--------------------------------------------------------------