[Date Prev][Date Next]
RE: CONTINUE: Interoperability with MS Software
you got the AD schema through an Active Directory subSchema entry...
or probably on msdn.microsoft.com
good luck for the access control management :)
> -----Message d'origine-----
> De : owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]De la part de Samier Kesou
> Envoye : jeudi 11 septembre 2003 11:20
> A : mwood@IUPUI.Edu; openldap-software@OpenLDAP.org
> Objet : CONTINUE: Interoperability with MS Software
> Thanks everyone for answering.
> Please excuse me if my question was unclear.
> What i mean by integrate is that the MS Software communicates directly
> with the
> openldap-openssl-SASL(kerberos) solution as mark points out below.
> So from what i read below i would like to use the ADS Schema and use
> the SRV
> record. I was searching for that schema but didnt find it.
> Is there a ADS Schema ?
> thanks in advance,
> >>> "Mark H. Wood" <mwood@IUPUI.Edu> 10.09.2003 16:27:48 >>>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> From: Jeremy Ardley <firstname.lastname@example.org>
> > Yes it does integrate. We use VJ++ with Microsoft ADSI and LDAP
> > think you will have some headaches
> The difference is, of course, what you mean by "integrate". Windows
> and up have LDAP libraries and a variety of APIs to take advantage of
> them. But OpenLDAP right out of the box is not what Windows expects of
> ADS Domain Controller, if *that* is what you mean.
> For the latter you'll need to load a compatible version of the ADS
> extensions, implement Kerberos V, add certain SRV records to your DNS
> zones, and populate your Kerberos and directory services with a few
> objects which ADS hosts expect. Those Kerberos principals must also
> certain attributes in addition to those supplied by the native
> tools, to glue them to the NT security model. It sounds like great fun
> I wish I had the time to do one.
> - --
> Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu
> MS Windows *is* user-friendly, but only for certain values of "user".
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (GNU/Linux)
> Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
> -----END PGP SIGNATURE-----
Virus checked by G DATA AntiVirusKit
Version: AVK 12.0.559 from 03.09.2003
Virus news: www.antiviruslab.com