Hi,
Thanks
Is it possible to create an Active Directory schema manually in OpenLDAP?
Regards
Support Team.

----- Forwarded by Krishnamoorthi Gopal/Chennai/Vernalis/IN on 06/20/2013 09:20 PM -----

From: Vishesh kumar linuxtovishesh@gmail.com
To: Krishnamoorthi Gopal krishnamoorthi@vernal.is
Cc: Ricardo Sant Ana ricksant2003@gmail.com, openldap-technical-bounces@openldap.org, "openldap-technical@openldap.org" openldap-technical@openldap.org
Date: 06/20/2013 09:18 PM
Subject: Re: LDAP/SASL problems
As per my understanding, AD uses a different schema, so OpenLDAP replication will not work.
Thanks
Vishesh Kumar
http://www.linuxmantra.com/

On Tue, Jun 11, 2013 at 7:40 PM, Krishnamoorthi Gopal <krishnamoorthi@vernal.is> wrote:
Hi Ricardo,
Is it possible to replicate Active Directory users into an OpenLDAP server?
Can you confirm.
Regards Support Team.
From: Ricardo Sant Ana ricksant2003@gmail.com
To: openldap-technical@openldap.org
Date: 06/11/2013 07:36 PM
Subject: LDAP/SASL problems
Hello All
I am installing an OpenLDAP server (Ubuntu Precise) on a local network (IP 10.67.123.146). I installed using:
apt-get install slapd ldap-utils
Later, I used slapcat to insert data from a teste.ldif file.
So, the problem: from local machine I used
    ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"
and it works properly.
But from a remote host:
    ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"
returns:
    SASL/DIGEST-MD5 authentication started
    ldap_sasl_interactive_bind_s: Invalid credentials (49)
So, from a remote host, I had to add -x option:
    ldapsearch -x -D "cn=admin,dc=eb,dc=mil,dc=br" -w sped -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"
and it works again. So, after some googling, it seems I need to configure/install SASL support. How do I do that?
Thanks in advance
Ricardo Sant'Ana
Krishnamoorthi Gopal wrote:
Is it possible to create an Active Directory schema manually in OpenLDAP?
Replication is much more than only the schema. That's why Samba folks implemented their own separate solution.
What you can do is synchronize partial data, most times with custom scripts.
Ciao, Michael.