[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Bidirectional sync using openldap and active directory

Thanks for response. I've already found LSC project, but I wasn't sure that LSC is compatible with Kerberos tokens and users' process of changing his own password.

Systems Administrator Assistant
NETASQ France - We Secure IT
Villeneuve d'Ascq

Le 04/06/2010 13:17, Jonathan Clarke a écrit :
On 27/05/2010 10:25, Benjamin MONTHOUEL wrote:

I'd like to know which method is recommended by openldap.org to perform
a bidirectional sync with Microsoft Active Directory.
This method has to notice that users changed their password by
themselves. Kerberos token ???

Thanks for any information.


OpenLDAP does not include any mechanism to sync with Active Directory. Both directories have replication mechanisms, but they are incompatible.

I can personally (this is not an "openldap.org recommendation") recommend using a third party tool to synchronize the two directories, such as Ldap Synchronization Connector (LSC), which is designed for exactly this purpose - see http://lsc-project.org.

Hope this helps,