Hi Friends,
I am newbee to this community and want to know how I can integrate an OpenLdap Server with MS Active Directory. Such that I create a user in LDAP it reflects in AD as well and vice-a-versa. Similarly any changes should effect on both AD and LDAP. Also I want to know how this can be done with a technical documentation. Also a user incase AD is not available gets authenticated using LDAP and vice-a-versa.
Your urgent help on this issue will be highly appreciated. Expecting a reply from you at the earliest.
Thanks and Regards Santosh Balan +91-9819419509
Santosh Balan wrote:
I am newbee to this community and want to know how I can integrate an OpenLdap Server with MS Active Directory. Such that I create a user in LDAP it reflects in AD as well and vice-a-versa. Similarly any changes should effect on both AD and LDAP. Also I want to know how this can be done with a technical documentation.
This is not possible just by OpenLDAP and AD server configuration. You need a custom sync process for that. There might be already some implementations available but most times they won't fit exactly your requirements. So I'd recommend to write your own custom script to do it.
Also a user incase AD is not available gets authenticated using LDAP and vice-a-versa.
Authenticated at which client component?
E.g. it does not make sense to authenticate the user during Windows logon directly against the OpenLDAP user account since there's a bit more done during a Windows domain logon.
Your urgent help on this issue will be highly appreciated. Expecting a reply from you at the earliest.
Well, "urgent" and "expecting a reply" is a little bit demanding on a mailing list where volunteers are answering in their spare time. You might wanna hire a consultancy company: http://www.openldap.org/support/
Ciao, Michael.
-----Original Message----- From: openldap-technical-bounces+qiang.xu=fujixerox.com@OpenLDAP.org
[mailto:openldap-technical-bounces+qiang.xu=fujixerox.com@Open LDAP.org] On Behalf Of Michael Str?der Sent: Friday, June 12, 2009 7:34 PM To: Santosh Balan Cc: openldap-technical@openldap.org Subject: Re: OpenLDAP and AD integration
Well, "urgent" and "expecting a reply" is a little bit demanding on a mailing list where volunteers are answering in their spare time. You might wanna hire a consultancy company: http://www.openldap.org/support/
On consultancy, I'd like to recommend Howard Chu.
Regards, Xu Qiang
On 12/06/2009 13:33, Michael Ströder wrote:
Santosh Balan wrote:
I am newbee to this community and want to know how I can integrate an OpenLdap Server with MS Active Directory. Such that I create a user in LDAP it reflects in AD as well and vice-a-versa. Similarly any changes should effect on both AD and LDAP. Also I want to know how this can be done with a technical documentation.
This is not possible just by OpenLDAP and AD server configuration. You need a custom sync process for that. There might be already some implementations available but most times they won't fit exactly your requirements. So I'd recommend to write your own custom script to do it.
If you choose this approach, you may want to look at Ldap Synchronization Connector (LSC) which is designed for this purpose, and can easily be set up to synchronize AD and OpenLDAP. See http://lsc-project.org/wiki/documentation/tutorials/openldaptoactivedirector...
Regards, Jonathan
PS: please apologize the advertising :)
openldap-technical@openldap.org
-
Jonathan Clarke -
Michael Ströder -
Santosh Balan -
Xu, Qiang (FXSGSC)