[Date Prev][Date Next]
RE: AD->OpenLDAP replication
> I'm working at the same problem that you, i've posted my question
> yesterday.. and had this link in answer:
Yes, I did see these the other day, but I don't think that's quite what I
need - or at least, it's *more* than I really need. I reality, I could
just use the M$ LDAP tools to dump AD and then import into OpenLDAP,
stripping out what I don't need.
> or, you can try this one:
That's good for our web developers, though I don't really want to do
queries to retrieve data. The ADSI ADO is really for queries using the
COM objects. But thanks for the pointers.
> -----Message d'origine-----
> De: Geoff Silver [mailto:email@example.com]
> Date: vendredi 31 mai 2002 17:14
> À: openldap-software@OpenLDAP.org
> Objet: AD->OpenLDAP replication
> I'm interested if anyone has had any luck replicating Active Directory (or
> parts of it) to an OpenLDAP server. On my current contract, they are
> using AD strictly for generic user/computer/etc management; however, they
> want to replicate some (if possible) or all AD info (specifically just
> "phonebook-related stuff") to an OpenLDAP server.
> The rationale is twofold. First, even the NT admins feel AD is terrible
> unstable, and they don't want anyone querying it if they can avoid it.
> Second (and more importantly), they will be receiving LDIF files from
> other customers they want to sync into their tree (no, referrals are
> unfortunately not an option due to some political issues) - and they want
> to keep the non-company LDAP info off the AD servers.
> So, has anyone had any luck doing this? Can anyone point me in the right
> direction? I've done replication OpenLDAP->OpenLDAP, but I'm just
> beginning to mess around with AD. userPassword synchronization isn't
> necessary - basically, just cn, sn, givenName, o, ou, telephoneNumber,
> mail, and postalAddress, l, st, and zip.
> Thanks for any help anyone can provide.
Geoff Silver <geoff at uslinux dot net>
"If Bill Gates had a nickel for every time Windows crashed...
Oh wait, he does"