I am working on the same type of concept. We are currently
using Novell as the central directory for all the transactions to flow
through
using DirXML technology. We are using a Custom built Solaris driver to sync
Password and user account information
and also dynamically syncing Windows 2000/AD accounts (password included)
The solution so far works Great!!
All we are really doing is setting up dynamic connectors based on events
in the Client enviroments ( Solaris,NT,Active Directory)
and transferring those changes to NDS the Replicating those transactions
to the other client directory/data store.
Let me know if you want more information on this.
William Brant
[EMAIL PROTECTED]
-----Original Message-----
From: Alexander Klein [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 9:08 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Connecting Active Directory to an X.500Database
Hi,
"Reijnders, JTA (John)" schrieb:
> But
> more info would be helpfull... (environment size, geographical
distribution,
> is the Unix DS leading for user admin, etc.etc.)
Since so many of you asked for more information, I'll try to depict the
setup of our site here:
We have some twenty- or thirty thousand accounts for students and
employees, I guess that about two or three thousand accounts per year
are created/deleted, with most of the activity happening over a span of
only a few weeks.
The the university is scattered across the whole city, everything is
connected via Ethernet, FDDI-lines, and other high-speed coonections,
some remote sites are connected with whatever wireless method, but we
may neglect the latter for the time being.
For the UNIX people, all their home-directories are held on a central
server, we postponed the decision about where to put the
Windows-people's homedirectories, so we could at least bring up the user
management to some usable state.
As for the Metadirectory mentioned below, I don't know to what extent
it's usable, the whole project was already attempted at a year ago, but
came to a grinding halt and nobody took care of it since I came. The man
in charge of the X.500-directory said that the meta-directory-server
once ran, but the current state is ill-defined. So, if we got the
Meta-Directory up and running again on the UNIX-side, we could also use
this one, once again, none of my documentation gives me a hint about how
to connect to a meta-directory on the UNIX-side.
+---------------+ /\
| AIX - Cluster |-----<->--\ / \
+---------------+ | /DNS,\
| /X.500,\
+---------------+ | / Mail- \
| SUN - Cluster |-----<->--+--<->-/ relay, \
+---------------+ | / consisting \
| /of two servers\
+---------------+ | /one master, one \
|Numbercrunching|-----<->--/ /slave, X.500-Meta-\
| & others ... | /directory (currently\
+---------------+ /inoperative), X.500 \
/stores no passwords \
/so far. \
/____________________________\
. |
. X
. |
/-------------------\ /------------\
|Windows world, | |My job, con-|
|only uses DNS, and |-----/X\-----|nect these |
|SMTP, no real User-| \------------/
|management |
\-------------------/
|
|
Win-Password-Server
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
