[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: AD - OpenLDAP synchronisation or replication

I run openldap on win2k, configured as a replica of the main openldap
server then sync users using back-perl on Win2k.  I use a password filter
on Win2K to then sync user passwords from windows->openldap.  A have a
sample perl module, password filter, etc. at

> Hi everybody,
> Firstly, thanks to all OpenLDAP's developpers, it is a great product,
> that i'm using for 2 years accross different OSs!
> So now about my problem...
> In my company, I'm working on the LDAP project in order to use it for
> users and system accounts (we have something like 700 accounts) on the
> UNIX servers. Most of our servers are IBM AIX 4.3.3 (in order to
> authentificate users by LDAP, I'm using a module developped by Kyle
> Chapman (great thanks for his help)), our LDAP server is OpenLDAP
> 2.0.23 (compilled on AIX 4.3.3 with SSL and SASL options).
> For Mico$oft NT and 2000 servers, as for workstations, we are using
> Windows 2000 Active Directory. All our users who have to access UNIX
> servers, are registred inside of AD. We have also 300 accounts
> dedicated to system accounts (Database...).
> So, I'm looking for any possibilities to connect AD and LDAP (AD is
> using LDAPv3, but it has a proprietary synchronisation protocol). I
> heard that there are special connectors for AD to link it with others
> (commercial directories, why not OpenLDAP?). An ldif export should be
> allways possible, but we are looking for a real solution (replication
> of a part of a tree).
> Does anybody know any possibilities to do it? (any usefull informations
> are welcome).
> Best regards,
> Sergueï MOURYLEV
> -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> ingénieur système UNIX  --- EULER-SFAC
> tel: 01-40-70-51-13
> mail: serguei.mourylev@eulergroup.com