We are currently looking to populate and control our user database in
MS Active Directory using the OpenLDAP libraries (openldap 2.0.18)
from a Unix (Solaris 2.7) platform. I've had some success, and can
currently create, delete and rename a user as well as change various
properties of the user. The problem comes with moving a user from one
OU to another, without deleting and recreating the user object. 

I think that this is done with the LdapMODDN command/operation, but
cannot get it to work (despite one of our programmers going through
the code). Does anybody have any experience of moving users in Active
Directory using LDAP, or does anybody know if it is actually possible
or not? I suspect that Active Directory cannot actually do it, which
will be a real problem now!

On a related note, I'm aware that password changing in the Active
Directory cannot be done without an SSL certificate and a secure
connection to the LDAP server. Before we go ahead and buy the
certificate, has anybody tried changing an object's password in Active
Directory using the OpenLDAP modules and if so, how successful has it

Many thanks


Richard Webber               Tel:    (023) 8059 5498
Computing Officer            Fax:    (0870)1209 519
Computing Services              
University of Southampton    Email:  R.Webber@soton.ac.uk
Southampton (UK)
SO17 1BJ