On 01/16/2014 08:12 AM, Louis-Marie Plumel wrote:
Ok ok, i'm going to see what you sent to me . To be sure, is 389DS may
be an intermediate between my two actual servers?
Not sure what you mean here.
I have to keep my actual LDAPand remain the master and synchronization
must be a single direction (LDAP -> AD).
389 supports one way sync.
Willusers have to change their password?
Yes, unfortunately.
My goal is that everything will be transparent.
Then you may want to look into IPA with AD cross domain trust as Petr
suggested.
regards
2014/1/16 Petr Spacek <[email protected] <mailto:[email protected]>>
On 16.1.2014 15:59, Rich Megginson wrote:
On 01/16/2014 07:57 AM, Louis-Marie Plumel wrote:
Hello,
Actually , i work with openldap.
I've installed an AD 2008 R2.My challenge is to work with
both and
synchronise LDAP and AD 2008 R2. After a long research on
the web, i don't
find any information about howto synchronise passwords .
That's why i come
here to see if with 389 DS it's possible or not.
Yes.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync.html
There is also one completely different option: Use trust between
AD and Unix domain. It depends on your requirements ...
See
http://www.freeipa.org/page/Trusts
or join mailing list
https://www.redhat.com/mailman/listinfo/freeipa-users
Have a nice day!
--
Petr^2 Spacek
--
389 users mailing list
[email protected]
<mailto:[email protected]>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Louis-Marie Plumel
[email protected] <mailto:[email protected]>
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
