[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Active Directory & Open LDAP Synchronization

To: Paul bob <uask2009@gmail.com>
Subject: Re: Active Directory & Open LDAP Synchronization
From: Rafal Szczesniak <mimir@samba.org>
Date: Tue, 3 Feb 2009 23:10:36 +0100
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <7199a0dc0902031037h33bcc9b9o7bf3de0aa3eca581@mail.gmail.com>
References: <7199a0dc0902031037h33bcc9b9o7bf3de0aa3eca581@mail.gmail.com>
User-agent: Mutt/1.5.18 (2008-05-17)

Paul,

On Tue, Feb 03, 2009 at 01:37:26PM -0500, Paul bob wrote:
> Hi -
> I have installed Active directory authentication for windows servers and
> users and LDAP for Linux servers,  now I am planning to use single sign on
> system windows and Linux. How  can I sync with these two directory?

If you're thinking about replicating Active Directory user accounts on your LDAP
server and using those accounts for authenticating users on Linux systems, the task
is non-trivial. First of all, AD uses different object classes representing accounts
than Linux systems connected to LDAP directory. Second, different mechanisms (including
encryption types) are used to authenticate users.
Directory replication (by means of plain LDAP) will not give you enough data, to
perform real single sign on.

cheers,
-- 
Rafal Szczesniak
Samba Team member   http://www.samba.org
Likewise Software   http://www.likewisesoftware.com

Attachment: signature.asc
Description: Digital signature

References:
- Active Directory & Open LDAP Synchronization
  - From: Paul bob <uask2009@gmail.com>

Prev by Date: Re: Active Directory & Open LDAP Synchronization
Next by Date: Re: multiple groups not showing up in "groups" cmd
Index(es):
- Chronological
- Thread