
Re: Active Directory & Open LDAP Synchronization


On Tue, Feb 03, 2009 at 01:37:26PM -0500, Paul bob wrote:
> Hi -
> I have installed Active Directory authentication for Windows servers and
> users and LDAP for Linux servers; now I am planning to use a single sign-on
> system for Windows and Linux. How can I sync these two directories?

If you're thinking about replicating Active Directory user accounts on your LDAP
server and using those accounts for authenticating users on Linux systems, the task
is non-trivial. First of all, AD uses different object classes representing accounts
than Linux systems connected to an LDAP directory. Second, different mechanisms (including
encryption types) are used to authenticate users.
Directory replication (by means of plain LDAP) will not give you enough data to
perform real single sign-on.

Rafal Szczesniak
Samba Team member   http://www.samba.org
Likewise Software   http://www.likewisesoftware.com
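
The following is an added example, not part of the original message. It illustrates the reply's two points by mapping a constructed AD `user` entry onto an RFC 2307 `posixAccount` entry and reporting what a plain LDAP copy cannot supply. The sample entry, the DNs and the `to_posix` helper are hypothetical, and it assumes no RFC 2307 attributes have been populated in AD.

```python
# Added example: constructed data, not taken from the thread.
# RFC 2307 posixAccount MUST attributes.
POSIX_MUST = ("cn", "uid", "uidNumber", "gidNumber", "homeDirectory")

# Attributes of an AD 'user' object that can simply be renamed.
# Assumption: no RFC 2307 attributes have been populated on the AD side.
AD_TO_POSIX = {"cn": "cn", "sAMAccountName": "uid"}

# Constructed sample of what an LDAP search against AD returns for a user.
# unicodePwd is absent on purpose: AD does not return it to LDAP reads.
AD_ENTRY = {
    "dn": "CN=Paul Example,CN=Users,DC=example,DC=com",
    "objectClass": ["top", "person", "organizationalPerson", "user"],
    "cn": ["Paul Example"],
    "sAMAccountName": ["pexample"],
    "userPrincipalName": ["pexample@example.com"],
    "objectSid": ["S-1-5-21-1111111111-2222222222-3333333333-1105"],
}


def to_posix(ad_entry, base_dn="ou=People,dc=example,dc=com"):
    """Map an AD user entry to posixAccount; return (entry, gaps, can_bind)."""
    posix = {"objectClass": ["account", "posixAccount"]}
    for ad_attr, posix_attr in AD_TO_POSIX.items():
        if ad_attr in ad_entry:
            posix[posix_attr] = list(ad_entry[ad_attr])
    uid = posix.get("uid", ["unknown"])[0]
    posix["dn"] = f"uid={uid},{base_dn}"
    # Required POSIX attributes that have no source in the AD entry.
    gaps = [a for a in POSIX_MUST if a not in posix]
    # No credential attribute survives the copy, so a simple bind against
    # the replica has nothing to verify a password with.
    can_bind = "userPassword" in posix
    return posix, gaps, can_bind


if __name__ == "__main__":
    entry, gaps, can_bind = to_posix(AD_ENTRY)
    print("mapped dn:        ", entry["dn"])
    print("missing MUST attrs:", ", ".join(gaps))
    print("password bind possible on replica:", can_bind)
```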
