ADAM integrates with the domain in a few ways.

When an ADAM server is a domain member, then ADAM can be used to authenticate domain users via LDAP authentication (using secure bind or simple bind with bind proxies).

ADAM will also get its password policy from the machine password policy applied by the DC if it is a domain member.

The other important consideration with ADAM as a domain member (in my view) is that if you will have replicating ADAM instances, it is a bit ugly to get the RPC security working for replication if you aren't using domain member servers. You end up having to do a hackish thing of having shadowed accounts with the same name and password on each machine to get it to work, and that is a management hassle.

The actual ADAM LDAP directory doesn't have anything to do with the AD LDAP directory. The only way to get AD objects into ADAM (or vice versa) is with some sort of a sync process. They do not replicate or share any directory data.

You can definitely use the full range of X500 naming styles with ADAM instead of just the DNS-based root naming convention that AD requires ("DC=domain,DC=com" and such), so you can likely accomplish your goal.

HTH,

Joe K.

----- Original Message -----
From: "Matt Brown" <[EMAIL PROTECTED]>
To: <ActiveDir@mail.activedir.org>
Sent: Friday, September 29, 2006 11:25 AM
Subject: [ActiveDir] ADAM with Domain


How does ADAM integrate with a domain? Will they be completely separate
directories or can they somehow be joined together?

I'm wanting to use an X.500 name for the ADAM instance.

Thanks in advance for the help provided,
--
Matt Brown
IT System Specialist
Eastern Washington University
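
An added example, not part of the original thread: in ADAM a bind proxy is an object of class userProxy whose objectSid holds the SID of the AD account it stands in for, and it can sit under an X.500-style partition. The sketch below builds the LDIF for such an object; the partition O=Example,C=US, the account name and the SID are constructed placeholders, and the function names are hypothetical.

```python
import base64
import struct


def sid_to_bytes(sid: str) -> bytes:
    """Encode a string SID (S-1-5-21-...) in the binary layout stored in objectSid."""
    parts = sid.strip().split("-")
    if len(parts) < 3 or parts[0].upper() != "S":
        raise ValueError(f"not a SID: {sid!r}")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    if not (0 <= revision <= 255 and 0 <= authority < 1 << 48 and len(subs) <= 15):
        raise ValueError(f"SID field out of range: {sid!r}")
    if any(not 0 <= s < 1 << 32 for s in subs):
        raise ValueError(f"sub-authority out of range: {sid!r}")
    # Revision, sub-authority count, 48-bit big-endian identifier authority,
    # then each sub-authority as a 32-bit little-endian integer.
    header = struct.pack("BB", revision, len(subs)) + authority.to_bytes(6, "big")
    return header + struct.pack(f"<{len(subs)}I", *subs)


def escape_rdn_value(value: str) -> str:
    """Escape the characters that are special inside a DN component (RFC 4514)."""
    value = value.strip()
    if not value:
        raise ValueError("empty RDN value")
    out = "".join("\\" + c if c in ',+"\\<>;=' else c for c in value)
    return "\\" + out if out.startswith("#") else out


def user_proxy_ldif(cn: str, container_dn: str, sid: str) -> str:
    """Return an LDIF 'add' record for a userProxy object bound to an AD SID."""
    sid_b64 = base64.b64encode(sid_to_bytes(sid)).decode("ascii")
    return "\n".join([
        f"dn: CN={escape_rdn_value(cn)},{container_dn}",
        "changetype: add",
        "objectClass: userProxy",
        f"objectSid:: {sid_b64}",  # '::' marks a base64-encoded binary value
        "",
    ])


if __name__ == "__main__":
    # Constructed sample values: an X.500-style container and a made-up domain SID.
    print(user_proxy_ldif("jdoe", "OU=People,O=Example,C=US",
                          "S-1-5-21-1111111111-2222222222-3333333333-1105"))
```

A simple bind against the resulting DN is passed through by ADAM to the domain for the account with that SID, so the password is never stored in the ADAM instance.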


List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
