"If you've setup your AD structure so differently to
your eDirectory structure within the same company then there's either something
wrong with one of the structures or there's something wrong with you
"
!?!?!?!
Because all companies
have the same people designing all of their directories.... and....
Because everyone knows companies don't change over the years... and.... If
they do change, everyone likes rearranging every directory and correcting all of
the apps that depend on those directories to reflect the changes.
Having only two
completely disseparate directory structures is pretty good in my opinion. When
you work on larger accounts it isn't uncommon to see 5 - 10 - 25 large
completely differently structured directories scattered across multiple
iPlanet's, OpenLdap's, AD's, NDS's, Mainframe X.500's, etc....
If this wasn't the rule
instead of the exception, there would be little market for metadirectory
products whose design is to easily work with all of these disjoint and often
very differently designed environments.
Luckily the times I have
had to work with Novell users there were so few of them (maybe 10-15k
users) that it was simply a matter of tossing it out the door and telling people
to use the corporate AD structure instead of Novell. Would hate to have to fight
with the tools to make it interact.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 12, 2005 5:22 PM
To: [email protected]
Cc: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Synching NDS and AD
In response to Stuarts posting,
" NIM is actually bigger than just
eDir and AD Sync, and it's certainly more than just a simple sync with the
ability to control the flow of metadata and modify data on the fly through XSLT
XML, it also includes the idea of authorative sources at an attribute level -
one of the most powerful and flexible metadirectory products on the market today
and one which is reasonably mature/robust.
If you've setup your AD structure so differently to your eDirectory
structure within the same company then there's either something wrong with one
of the structures or there's something wrong with you - I have never ever seen a
directory structure in AD that I can't apply rules through NIM to sync with
eDirectory even in instances of poor design. "
As Per Matthew
Culver
Sr Network
Engineer
Novell
Inc.
------------------------------------------------------------------------------------------------------
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Fuller, Stuart
Sent: Thursday, May 12, 2005 12:27 PM
To: [email protected]
Subject: RE: [ActiveDir] Synching NDS and ADNsure Identity Manager = "Metadirectory" for all disparate NDS (Edir) and AD directories.We are/have been looking at this question, and yes you can do a simple synch between Novell and AD with this product. *BUT* in our case the OU structures between to the two directories are so disparate that a direct sync is relatively impossible. If we end up going with this solution, we will have to project both directories to a third directory that we will write the sync rules for. This ends up being a Metadirectory.*If* your OU structure, account ID's, etc... are fairly or exactly the same, then you can do a direct sync and end up with something "...not the size of an Identity Management Tool like MIIS". If you want a full blown Metadirectory then Novell's Nsure Indentity management is in the same category of directory products as MIIS._Stuart Fuller
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Wednesday, May 11, 2005 3:16 PM
To: [email protected]
Subject: RE: [ActiveDir] Synching NDS and ADHi Jorge,We run Netware NDS 6.5 along with AD 2003 and we have a fulltime Netware Consultant on staff assigned by Novell. I spoke with him about your request and what he would recommend and he gave me this link http://www.novell.com/products/nsureidentitymanager/Regards,Jose Medeiros---------------------------------------------------------------------------------------------------------------Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Jorge de Almeida Pinto
Sent: Wednesday, May 11, 2005 11:07 AM
To: [email protected]
Subject: [ActiveDir] Synching NDS and ADHi,
Does anyone know of a product that can acchieve the following:
* Synching NDS and AD
* 2-way synching
* Automated synching
* Possibility to assign a directory for the first sync
* Synching of user accounts, groups and passwords (although I wonder if the latter is possible because different mechanisms are used for storing pwds)* Not the size of an Identity Management tool like MIIS
Could MS Services for Netware play a role in this?
Cheers
#JORGE#Met vriendelijke groet / Kind regards,
Jorge de Almeida Pinto
Infrastructure Consultant
__________________________________________<<...OLE_Obj...>>
LogicaCMG Nederland B.V. (BU SD/AT)
Division Industry, Distribution and Transport (ID&T)
Kennedyplein 248, 5611 ZT, Eindhoven
. Postbus 7089
5605 JB Eindhoven
( Tel : +31-(0)40-29.57.777
2 Fax : +31-(0)40-29.57.709
( Mobile : +31-(0)6-26.26.62.80
* E-mail : [EMAIL PROTECTED]
" <http://www.logicacmg.com/> - Solutions that matter -
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
