I am running open ldap server in redhat server, and active directory in win server 2008. I have admin access to both servers. The thing is that i have to sync both server, like from openldap i could access active directory data. Can it be possible? If possible then then please give me some information that i could proceed this task. I have tried some thing like using openldap admin guide syncrepl rid=001 provider=ldap://IP of AD server/ binddn="cn=replicator,dc=suretecsystems,dc=com" bindmethod=simple credentials=Password of AD server searchbase="dc=suretecsystems,dc=com" type=refreshAndPersist retry="5 5 300 5" I don't how much i am right. Or is there any different way? Please help me to solve this.

Sorry for the top posting no, it is not possible to do what you are trying to do, not so simply. There are solution for synch different ldap product, free and commercial. In a very old oreilly ldap book the topic is also discussed somehow, iirc. In effect the ietf effort to create an multiple vendor ldap synch repl standard is failed, in retrospect, i think.

Best 2013/3/24, Suman Karki <sumankarki16(a)gmail.com&gt;: > I any person is willing to help me and require more detail about this > problem i will reply that. > > On 3/24/13, Suman Karki <sumankarki16(a)gmail.com&gt; wrote: >> I am running open ldap server in redhat server, and active directory >> in win server 2008. >> I have admin access to both servers. >> >> The thing is that i have to sync both server, like from openldap i >> could access active directory data. >> >> Can it be possible? >> If possible then then please give me some information that i could >> proceed this task. >> >> I have tried some thing like using openldap admin guide >> >> syncrepl rid=001 >> provider=ldap://IP of AD server/ >> binddn="cn=replicator,dc=suretecsystems,dc=com" >> bindmethod=simple >> credentials=Password of AD server >> searchbase="dc=suretecsystems,dc=com" >> type=refreshAndPersist >> retry="5 5 300 5" >> >> >> >> I don't how much i am right. >> Or is there any different way? Please help me to solve this. >> > >

On Sunday, March 24, 2013 at 14:11 , Howard Chu wrote: > devzero2000 wrote: >> Sorry for the top posting >> >> no, it is not possible to do what you are trying to do, not so simply. >> There are solution for synch different ldap product, free and >> commercial. In a very old oreilly ldap book the topic is also >> discussed somehow, iirc. In effect the ietf effort to create an >> multiple vendor ldap synch repl standard is failed, in retrospect, i >> think. > > The IETF succeeded, and RFC4533 is the result. Currently OpenLDAP and Apache > Directory support it, I'm not aware of anyone else. I wouldn't say that IETF succeeded. RFC4533 is an experimental document and in no way represents a consensus on how to do LDAP synchronization or replication.

Regards, Ludovic. -- Ludovic Poitou http://ludopoitou.wordpress.com >> >> Best >> >> 2013/3/24, Suman Karki <sumankarki16(a)gmail.com >> <mailto:sumankarki16@gmail.com>>: >>> I any person is willing to help me and require more detail about this >>> problem i will reply that. >>> >>> On 3/24/13, Suman Karki <sumankarki16(a)gmail.com >>> <mailto:sumankarki16@gmail.com>> wrote: >>>> I am running open ldap server in redhat server, and active directory >>>> in win server 2008. >>>> I have admin access to both servers. >>>> >>>> The thing is that i have to sync both server, like from openldap i >>>> could access active directory data. >>>> >>>> Can it be possible? >>>> If possible then then please give me some information that i could >>>> proceed this task. >>>> >>>> I have tried some thing like using openldap admin guide >>>> >>>> syncrepl rid=001 >>>> provider=ldap://IP of AD server/ >>>> binddn="cn=replicator,dc=suretecsystems,dc=com" >>>> bindmethod=simple >>>> credentials=Password of AD server >>>> searchbase="dc=suretecsystems,dc=com" >>>> type=refreshAndPersist >>>> retry="5 5 300 5" >>>> >>>> >>>> >>>> I don't how much i am right. >>>> Or is there any different way? Please help me to solve this.

Howard, I don't dispute the 2 implementations. 2 doesn't make a standard though, even if it's more than any other LDAP replication spec. My main point is that RFC4533 is not a standard but describes an experimentation. Regards, Ludo -- Ludovic Poitou http://ludopoitou.wordpress.com On Sunday, March 24, 2013 at 16:33 , Howard Chu wrote: > Ludovic Poitou wrote: >> >> On Sunday, March 24, 2013 at 14:11 , Howard Chu wrote: >> >>> devzero2000 wrote: >>>> Sorry for the top posting >>>> >>>> no, it is not possible to do what you are trying to do, not so simply. >>>> There are solution for synch different ldap product, free and >>>> commercial. In a very old oreilly ldap book the topic is also >>>> discussed somehow, iirc. In effect the ietf effort to create an >>>> multiple vendor ldap synch repl standard is failed, in retrospect, i >>>> think. >>> >>> The IETF succeeded, and RFC4533 is the result. Currently OpenLDAP >>> and Apache >>> Directory support it, I'm not aware of anyone else. >> I wouldn't say that IETF succeeded. RFC4533 is an experimental >> document and in >> no way represents a consensus on how to do LDAP synchronization or >> replication. > > Perhaps no consensus today, but the existence of two interoperable > independently developed implementations means the experiment > succeeded. That's > more than any other replication spec for LDAP can claim. > >> Regards, >> >> Ludovic. >> -- >> Ludovic Poitou >> http://ludopoitou.wordpress.com >>>> >>>> Best >>>> >>>> 2013/3/24, Suman Karki <sumankarki16(a)gmail.com >>>> <mailto:sumankarki16@gmail.com> >>>> <mailto:sumankarki16@gmail.com>>: >>>>> I any person is willing to help me and require more detail about this >>>>> problem i will reply that. >>>>> >>>>> On 3/24/13, Suman Karki <sumankarki16(a)gmail.com >>>>> <mailto:sumankarki16@gmail.com> >>>>> <mailto:sumankarki16@gmail.com>> wrote: >>>>>> I am running open ldap server in redhat server, and active directory >>>>>> in win server 2008. >>>>>> I have admin access to both servers. >>>>>> >>>>>> The thing is that i have to sync both server, like from openldap i >>>>>> could access active directory data. >>>>>> >>>>>> Can it be possible? >>>>>> If possible then then please give me some information that i could >>>>>> proceed this task. >>>>>> >>>>>> I have tried some thing like using openldap admin guide >>>>>> >>>>>> syncrepl rid=001 >>>>>> provider=ldap://IP of AD server/ >>>>>> binddn="cn=replicator,dc=suretecsystems,dc=com" >>>>>> bindmethod=simple >>>>>> credentials=Password of AD server >>>>>> searchbase="dc=suretecsystems,dc=com" >>>>>> type=refreshAndPersist >>>>>> retry="5 5 300 5" >>>>>> >>>>>> >>>>>> >>>>>> I don't how much i am right. >>>>>> Or is there any different way? Please help me to solve this. > > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/

I know, everyone know. But if many vendor had Decided to don't follow these standards mean that there are not business reason to follow it. Sad, but true.

2013/3/24, Howard Chu <hyc(a)symas.com&gt;: > devzero2000 wrote: >> Sorry for the top posting >> >> no, it is not possible to do what you are trying to do, not so simply. >> There are solution for synch different ldap product, free and >> commercial. In a very old oreilly ldap book the topic is also >> discussed somehow, iirc. In effect the ietf effort to create an >> multiple vendor ldap synch repl standard is failed, in retrospect, i >> think. > > The IETF succeeded, and RFC4533 is the result. Currently OpenLDAP and Apache > > Directory support it, I'm not aware of anyone else. >> >> Best >> >> 2013/3/24, Suman Karki <sumankarki16(a)gmail.com&gt;: >>> I any person is willing to help me and require more detail about this >>> problem i will reply that. >>> >>> On 3/24/13, Suman Karki <sumankarki16(a)gmail.com&gt; wrote: >>>> I am running open ldap server in redhat server, and active directory >>>> in win server 2008. >>>> I have admin access to both servers. >>>> >>>> The thing is that i have to sync both server, like from openldap i >>>> could access active directory data. >>>> >>>> Can it be possible? >>>> If possible then then please give me some information that i could >>>> proceed this task. >>>> >>>> I have tried some thing like using openldap admin guide >>>> >>>> syncrepl rid=001 >>>> provider=ldap://IP of AD server/ >>>> binddn="cn=replicator,dc=suretecsystems,dc=com" >>>> bindmethod=simple >>>> credentials=Password of AD server >>>> searchbase="dc=suretecsystems,dc=com" >>>> type=refreshAndPersist >>>> retry="5 5 300 5" >>>> >>>> >>>> >>>> I don't how much i am right. >>>> Or is there any different way? Please help me to solve this.