Re: OpenLDAP synchtonization with windows/Active Directory

[Buchan Milne <bgmilne@staff.telkomsa.net>]

On Monday 11 February 2008 20:12:17 àààà Anuj Singh wrote:
> On Feb 11, 2008 2:28 PM, Razi Garbie <boneybastard@gmail.com> wrote:
> > Hi everyone,
> >
> > I've spent countless of hours trying to figure out how to sync openLDAP
> > with my currently running windows/active directory, however.. i cant find
> > any information on how this is done.
> >
> > Im currently running windows/AD which authenticates ~20users all windows
> > boxes (obviously), however.. all windows users have accounts on the linux
> > machines i run and that makes administrative tasks a bit messy, hence i
> > have to make account changes on two different domains.
> >
> > The ideal setup is to setup setup a OpenLDAP server that is synced with
> > windows active directory, so that my users can authenticate against the
> > linux domain using their windows passwords.
>
> Yes it can be done, in my setup a user can login to linux machine ,
> this user does not exists on linux, beside it exists on windows active
> directory.

There are a number of well-known solutions to authenticating Unix servers to 
Active Directory, however, the original question was about synchronisation 
between OpenLDAP and Active Directory.

There are also other potential solutions for synching passwords from AD to 
OpenLDAP, but the original question precluded this answer ...

So, maybe the original poster would like to re-pose the question.

(I personally dislike using AD for Unix user account details, as other 
features of LDAP-aware Unix clients are not available when using AD)

Regards,
Buchan