[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: OpenLDAP+kerboros -> win2k AD

>Note that "interoperable" in this case is similar to saying that two
>railways built on different gauges are interoperable, in that since they
>both come to the same station you can always unload the cargo from one
>train and load it onto the other one.  The principal-mapping stuff
>apparently works, but it's pretty lame, and the case of building a
>recognizable ADS DC on something other than a Microsoft operating system
>is conspicuous by its absence.

I would suggest that that's not going to happen for a while. It would
be nice to start chipping away at, though, by implementing some of
Microsoft's matching rules and LDAP extensions in OpenLDAP. Then 
you might have some chance of replacing the _LDAP_ component of
Active Directory with an OpenLDAP server, providing that you didn't
care too much about integrating with NT's authorization model.

-- Luke
Luke Howard | lukehoward.com
PADL Software | www.padl.com