[Date Prev][Date Next] [Chronological] [Thread] [Top]

Active Directory and LDAP

To: <openldap-software@OpenLDAP.org>
Subject: Active Directory and LDAP
From: "Adam Fox" <adam.fox@gribbles.com.au>
Date: Wed, 4 Jun 2003 11:05:42 +0930
Organization: The Gribbles Group

Hi all,

My company is looking at installing Active Directory for our Windows
network. We have a mix of Windows PCs, NT servers, 2000 servers, linux
servers and HP-UX servers that we use for various applications. We currently
run an OpenLDAP server for our staff directory, and we use this directory
with Outlook Express and RADIUS for PPP and VPN authentication. All this is
working beautifully.

The age old problem of course is having one location for all user
authentication so that users are only added in the one place. It would be
easier for the users because they would only have to remember one password,
and easier for the administrators because we would only have to add a user
in the one place.

I can get the linux and HP-UX boxes to authenticate with the LDAP server
using PAM modules no worries, and I can get PPP and VPN users to authenicate
with the LDAP server using RADIUS, but I'm not sure if it's possible with
Active Directory to authenicate the users with our LDAP server. I've done a
quick course on AD, and I saw that the AD uses it's own internal LDAP server
to store it's own structure. Maybe it would be possible to store the AD data
on our LDAP server?

Has anyone got any ideas or solutions as to how to get Active Directory to
do the authentication with the external LDAP server? I've done a bit of
searching on the net but can't find a solution. I thought this would surely
be a problem that lots of companies would face.

Thanks for any help,

Adam Fox

Attention:
The information contained in this message and or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies.

Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of The Gribbles Group.

Thank You.

Whilst every effort has been made to ensure that this e-mail message and any attachments are free from viruses, you should scan this message and any attachments.
Under no circumstances do we accept liability for any loss or damage which may result from your receipt of this message or any attachment.

Follow-Ups:
- Re: Active Directory and LDAP
  - From: "Mark H. Wood" <mwood@IUPUI.Edu>

Prev by Date: selective mounting w/ autofs
Next by Date: Outlook and OpenLDAP integration.
Index(es):
- Chronological
- Thread