On 25-05-2010 1:50, Michael Ströder wrote:
> "Veloso Varas, Sebastián (TECH-IT)" wrote:
>
>> I would like to know if any of you has had experience of integration of
>> AD with LDAP. My idea is to have a core LDAP and AD users consume.
>>
> Not sure what you really want. If you want simple replication from OpenLDAP to
> AD this is not possible out-of-the-box.

OpenLDAP needs to have a root domain that has the "sitio.int." I have a Windows 2003 Server Active Directory that has the root domain "Ad.int." I need the AD users to be housed in the OpenLDAP. Is it possible to replicate the users? Or must both have the same domain name? Can they live together in a single LDAP server domain "sitio.int" and "ad.int"?

>> "I have a concern would be the root domain and AD ldap.sitio.int eg
>> ad.sitio.int would not?
>>
>> LDAP (sitio.int) -------> AD (sitio.int)
>>
> You're mixing AD and pure LDAPv3 terms here. Probably because with AD the DNS
> domain name and the LDAP naming context are tightly coupled. Anyway this is
> the least of the problem.
>
>
>> I am implementing this scheme for a unified authentication issue,
>> working through cross-platform and I must be based on an LDAP.
>>
> What authentication mechanism do you want to use? Simple bind with password?
> Kerberos (SASL/GSSAPI)? Etc....
>

To avoid problems with passwords, I made a .NET web application that is able to change the key in OpenLDAP and AD; therefore, the user is given the password and changes it with this application.

> You should really try to explain in more detail what you want to achieve.
>
> Ciao, Michael.
