[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Integration OpenLDAP - MS Active Directory

To: sveloso@tech-it.cl
Subject: Re: Integration OpenLDAP - MS Active Directory
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 25 May 2010 07:50:30 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <4BFAD20E.2060801@tech-it.cl>
References: <4BF8B486.8060104@ianshome.com> <4BF8F38A.3060005@symas.com> <4BF9C050.1030905@ianshome.com> <4BF9D24E.2060904@symas.com> <4BF9F3B2.9030604@ianshome.com> <4BFAD20E.2060801@tech-it.cl>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.10) Gecko/20100504 Lightning/1.0b1 SeaMonkey/2.0.5

"Veloso Varas, Sebastián (TECH-IT)" wrote:
> I would like to know if any of you. has had experience of integration of
> AD with LDAP. My idea is to have a core LDAP and AD users consume.

Not sure what you really want. If you want simple replication from OpenLDAP to
AD this is not possible out-of-the-box.

> "I have a concern would be the root domain and AD ldap.sitio.int eg
> ad.sitio.int would not?
> 
> LDAP (sitio.int) -------> AD (sitio.int)

You're mixing AD and pure LDAPv3 terms here. Probably because with AD the DNS
domain name and the LDAP naming context are tightly coupled. Anyway this is
the least of the problem.

> I am implementing this scheme for a unified authentication issue,
> working through cross-platform and I must be based on an LDAP.

What authentication mechanism do you want to use. Simple bind with password?
Kerberos (SASL/GSSAPI)? Etc....

You should really try to explain in more detail what you want to achieve.

Ciao, Michael.

-- 
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com

Follow-Ups:
- Re: Integration OpenLDAP - MS Active Directory
  - From: "Veloso Varas, Sebastián (TECH-IT)" <sveloso@tech-it.cl>

References:
- More on dynamic group searches
  - From: Ian Collins <ian@ianshome.com>
- Re: More on dynamic group searches
  - From: Howard Chu <hyc@symas.com>
- Re: More on dynamic group searches
  - From: Ian Collins <ian@ianshome.com>
- Re: More on dynamic group searches
  - From: Howard Chu <hyc@symas.com>
- Re: More on dynamic group searches
  - From: Ian Collins <ian@ianshome.com>
- Integration OpenLDAP - MS Active Directory
  - From: "Veloso Varas, Sebastián (TECH-IT)" <sveloso@tech-it.cl>

Prev by Date: Re: How to obtain a 'version number' of an attributes
Next by Date: Re: More on dynamic group searches
Index(es):
- Chronological
- Thread