All are right:
1.) The IETF LDUP working group did fail to produce a standard LDAP
server-to-server replication protocol
2.) sync repl is the nearest we have to a standard LDAP server-to-server
replication protocol. I doubt that Microsoft will ever support it though.
Thus to come back to the original question: instead of replication you
need synchronization between OpenLDAP and Active Directory. And there
are a lot of such solutions around.
Cheers,
Peter
On 24.03.2013 16:46, Ludovic Poitou wrote:
Howard,
I don't dispute the 2 implementations. 2 doesn't make a standard
though, even if it's more than any other LDAP replication spec.
My main point is that RFC4533 is not a standard but describes an
experiment.
Regards,
Ludo
--
Ludovic Poitou
http://ludopoitou.wordpress.com
On Sunday, March 24, 2013 at 16:33, Howard Chu wrote:
> Ludovic Poitou wrote:
>>
>> On Sunday, March 24, 2013 at 14:11, Howard Chu wrote:
>>
>>> devzero2000 wrote:
>>>> Sorry for the top posting
>>>>
>>>> No, it is not possible to do what you are trying to do, not so simply.
>>>> There are solutions for syncing different LDAP products, free and
>>>> commercial. In a very old O'Reilly LDAP book the topic is also
>>>> discussed somehow, IIRC. In effect the IETF effort to create a
>>>> multiple-vendor LDAP sync repl standard has failed, in retrospect, I
>>>> think.
>>>
>>> The IETF succeeded, and RFC4533 is the result. Currently OpenLDAP and
>>> Apache Directory support it, I'm not aware of anyone else.
>> I wouldn't say that IETF succeeded. RFC4533 is an experimental document
>> and in no way represents a consensus on how to do LDAP synchronization
>> or replication.
>
> Perhaps no consensus today, but the existence of two interoperable
> independently developed implementations means the experiment succeeded.
> That's more than any other replication spec for LDAP can claim.
>
>> Regards,
>>
>> Ludovic.
>> --
>> Ludovic Poitou
>> http://ludopoitou.wordpress.com
>>>>
>>>> Best
>>>>
>>>> 2013/3/24, Suman Karki <sumankarki16(a)gmail.com>:
>>>>> If any person is willing to help me and requires more detail about this
>>>>> problem I will reply with that.
>>>>>
>>>>> On 3/24/13, Suman Karki <sumankarki16(a)gmail.com> wrote:
>>>>>> I am running an OpenLDAP server on a Red Hat server, and Active
>>>>>> Directory on Win Server 2008.
>>>>>> I have admin access to both servers.
>>>>>>
>>>>>> The thing is that I have to sync both servers, like from OpenLDAP I
>>>>>> could access Active Directory data.
>>>>>>
>>>>>> Can it be possible?
>>>>>> If possible, then please give me some information so that I could
>>>>>> proceed with this task.
>>>>>>
>>>>>> I have tried something like this, using the OpenLDAP admin guide
>>>>>>
>>>>>> syncrepl rid=001
>>>>>>     provider=ldap://IP of AD server/
>>>>>>     binddn="cn=replicator,dc=suretecsystems,dc=com"
>>>>>>     bindmethod=simple
>>>>>>     credentials=Password of AD server
>>>>>>     searchbase="dc=suretecsystems,dc=com"
>>>>>>     type=refreshAndPersist
>>>>>>     retry="5 5 300 5"
>>>>>>
>>>>>>
>>>>>>
>>>>>> I don't know how much I am right.
>>>>>> Or is there any different way? Please help me to solve this.
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
--
_______________________________________________________________________
Peter Gietz (CEO)
DAASI International GmbH phone: +49 7071 407109-0
Europaplatz 3 Fax: +49 7071 407109-9
D-72072 Tübingen mail: peter.gietz(a)daasi.de
Germany Web:
DAASI International GmbH, Tübingen
Managing Director: Peter Gietz, Amtsgericht Stuttgart HRB 382175
_______________________________________________________________________