On Fri, Mar 22, 2013 at 1:33 AM, 杨峰 <[email protected]> wrote:
> I had set up LDAP on the Linux side, I want to build an AD with Windows2008R2,
> and AD should sync the user information from LDAP, is there any suggestion
> on this?

Usually and quite commonly your DITs will differ, so you will probably need a middle man to translate. I don't know of an existing toolset that does this elegantly, but one could very well exist. Perl is my tool of choice here with Net::LDAP, but you can use any programming language that talks LDAP. You have to enable LDAP on the AD side because AFAICR it's not enabled by default.

Whether it's real-time (event-driven) or batch based depends on your particular needs, and there are different techniques for either one. In all the cases I have done this, AD is a sub-set of the corporate DIT which is in OpenLDAP (or whatever), but YMMV.

Best,
--
Alejandro Imass
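
Added example (not part of the original message or of any existing tool): the translation step of such a middle man, written as offline Python that maps entries from an OpenLDAP-style DIT to an AD-style one and plans a batch sync. The base DNs, attribute map, UPN suffix and sample entry are assumptions, and Python is used here instead of the Perl Net::LDAP mentioned above.

```python
# Added example: DIT translation for a batch sync, with no LDAP calls.
# ATTR_MAP, the base DNs, the UPN suffix and SAMPLE_SRC are assumptions.
ATTR_MAP = {"uid": "sAMAccountName", "cn": "cn", "sn": "sn",
            "givenName": "givenName", "mail": "mail"}
AD_USER_CLASSES = ["top", "person", "organizationalPerson", "user"]
SRC_BASE, DST_BASE = "ou=People,dc=example,dc=com", "OU=Staff,DC=corp,DC=example,DC=com"
UPN_SUFFIX = "corp.example.com"

def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    chars = ["\\" + ch if ch in ',+"\\<>;=' else ch for ch in value]
    if chars and chars[0] in ("#", " "):
        chars[0] = "\\" + chars[0]
    if chars and chars[-1] == " ":
        chars[-1] = "\\ "
    return "".join(chars)

def translate_entry(src_dn, attrs, src_base, dst_base, upn_suffix):
    """Return (dst_dn, dst_attrs) for one user, or None if it is out of scope."""
    if not src_dn.lower().endswith("," + src_base.lower()):
        return None  # entry lives outside the subtree being synced
    uid = attrs["uid"][0]
    if len(uid) > 20:
        raise ValueError("sAMAccountName is limited to 20 characters: " + uid)
    # Attributes outside ATTR_MAP (userPassword included) are dropped, not copied.
    dst = {ATTR_MAP[k]: list(v) for k, v in attrs.items() if k in ATTR_MAP}
    dst["objectClass"] = list(AD_USER_CLASSES)
    dst["userPrincipalName"] = [uid + "@" + upn_suffix]
    return "CN=" + escape_rdn_value(attrs["cn"][0]) + "," + dst_base, dst

def plan_sync(translated, current_ad):
    """Compare translated entries with AD's current state; return (adds, modifies)."""
    adds, modifies = {}, {}
    for dn, attrs in translated.items():
        have = current_ad.get(dn)  # simplification: DNs compared as exact strings
        if have is None:
            adds[dn] = attrs
            continue
        changed = {k: v for k, v in attrs.items() if sorted(have.get(k, [])) != sorted(v)}
        if changed:
            modifies[dn] = changed
    return adds, modifies

# Constructed sample entry, as a search on the OpenLDAP side might return it.
SAMPLE_SRC = {"uid=jdoe,ou=People,dc=example,dc=com": {
    "uid": ["jdoe"], "cn": ["Doe, John"], "sn": ["Doe"],
    "mail": ["jdoe@example.com"], "userPassword": ["{SSHA}constructed"]}}

def demo():
    pairs = [translate_entry(dn, a, SRC_BASE, DST_BASE, UPN_SUFFIX) for dn, a in SAMPLE_SRC.items()]
    return plan_sync(dict(p for p in pairs if p), {})
```

The add and modify sets returned by plan_sync are what a batch run would then apply to AD with whatever LDAP client is in use.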
