[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ActiveDirectory Connector...
> I hope this isn't obvious, but how would I map my schema? Does slurpd do
> the updating to AD? Do you know of any documentation on doing this?
If the schema mapping is simply a matter or removing some undesired
entries or attributeTypes, you may use partial replication (see
slapd.conf(5), "replica" directive for details); if it's rather an issue
of attributeType/objectClass renaming, you may filter slurpd replication
thru back-ldap (see slapd-ldap(5) "map" directive for details); if you
need to muck with DNs, again back-ldap may help you (see slapd-meta(5),
"rewrite*" directives for details).
If you need to arbitrarily muck with values, you're on your own. Consider
that userPassword in AD needs to be mapped to unicodePwd, which is
completely different in syntax; most of the typical user's profile
attributes are single-valued in AD (e.g. CN, SN, and so).
For this purpose, at SysNet we developed proprietary tools to map data in
a broad way, with per-objectClass, per-attributeType and per-value mapping
rules, that are used to sync different data sources (e.g.
{RDBMS|LDAP|file} => {RDBMS|LDAP|LDIF} in combination, including a merge
from etherogeneous data sources into a single destination. Usually, we
use it to sync HR RDBMS and other LDAP sources with OpenLDAP, AD and Lotus
Notes DSAs. YOu may contact info@sys-net.it if you need details.
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497