On Fri, Mar 22, 2013 at 1:33 AM, 杨峰 hoking.yang@gmail.com wrote:
I had set up LDAP on the Linux side. I want to build an AD with Windows 2008 R2, and AD should sync the user information from LDAP. Is there any suggestion on this?
Usually and quite commonly your DITs will differ so you will probably need a middle man to translate. I don't know of an existing toolset that does this elegantly, but one could very well exist.
Perl is my tool of choice here with Net::LDAP, but you can use any programming language that talks LDAP. You have to enable LDAP on the AD side because AFAICR it's not enabled by default.
Whether it's real-time (event-driven) or batch based depends on your particular needs, and there are different techniques for either one. In all the cases I have done this, AD is a subset of the corporate DIT which is in OpenLDAP (or whatever) but YMMV.
Best,
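
The batch "middle man" translation described in the reply above, sketched as an added example that is not part of the original message (Python rather than the Perl/Net::LDAP the author uses, and no directory is contacted). The target OU, UPN suffix, attribute map, single-valued entries and the disable-instead-of-delete policy are all assumptions.

```python
# Added example: translate OpenLDAP-style entries into an AD-style DIT and plan a batch sync.
# AD_BASE, UPN_SUFFIX, ATTR_MAP and every entry used with this code are constructed.
AD_BASE = "OU=People,DC=corp,DC=example,DC=com"
UPN_SUFFIX = "corp.example.com"
ATTR_MAP = {"uid": "sAMAccountName", "cn": "cn", "sn": "sn", "givenName": "givenName", "mail": "mail"}
# userAccountControl NORMAL_ACCOUNT (512) + ACCOUNTDISABLE (2); passwords are not synced,
# so new accounts start disabled.
DISABLED_USER = "514"

def escape_rdn(value):
    """Escape an RDN value per RFC 4514 so a source value cannot alter the DN."""
    out = "".join("\\" + c if c in ',+"\\<>;=' else c for c in value)
    if out.endswith(" "):
        out = out[:-1] + "\\ "
    if out[:1] in ("#", " "):
        out = "\\" + out
    return out

def translate(entry):
    """Map one source entry (dict of single-valued attributes) to (AD DN, AD attributes)."""
    uid = entry.get("uid", "")
    if not uid or len(uid) > 20:  # sAMAccountName is limited to 20 characters for users
        raise ValueError("uid missing or too long for sAMAccountName: %r" % uid)
    attrs = {ad: entry[src] for src, ad in ATTR_MAP.items() if src in entry}
    attrs["userPrincipalName"] = uid + "@" + UPN_SUFFIX
    return "CN=%s,%s" % (escape_rdn(entry["cn"]), AD_BASE), attrs

def plan_sync(source_entries, ad_entries):
    """Return (operations, rejected) that would make ad_entries match the source."""
    ops, rejected, seen = [], [], set()
    current = {dn.lower(): attrs for dn, attrs in ad_entries.items()}  # DNs ignore case
    for entry in source_entries:
        try:
            dn, want = translate(entry)
        except (ValueError, KeyError) as exc:
            rejected.append((entry.get("uid"), str(exc)))
            continue
        seen.add(dn.lower())
        have = current.get(dn.lower())
        if have is None:
            ops.append(("add", dn, dict(want, objectClass="user", userAccountControl=DISABLED_USER)))
        else:
            diff = {k: v for k, v in want.items() if have.get(k) != v}
            if diff:
                ops.append(("modify", dn, diff))
    for dn in ad_entries:
        if dn.lower() not in seen:  # gone from the source: disable rather than delete
            ops.append(("disable", dn, {"userAccountControl": DISABLED_USER}))
    return ops, rejected
```

The returned operations are plain tuples, so they can be reviewed or logged before any LDAP client applies them to AD.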