[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Bidirectional sync using openldap and active directory

Subject: Re: Bidirectional sync using openldap and active directory
From: Benjamin MONTHOUEL <benjamin.monthouel@netasq.com>
Date: Mon, 07 Jun 2010 10:04:16 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <4C08E0E1.8070306@phillipoux.net>
References: <4BFE2C78.3000308@netasq.com> <4C08E0E1.8070306@phillipoux.net>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1.9) Gecko/20100317 Lightning/1.0b1 Thunderbird/3.0.4

Thanks for response. I've already found LSC project, but I wasn't surethat LSC is compatible with Kerberos tokens and users' process ofchanging his own password.


Benjamin MONTHOUËL
Systems Administrator Assistant
NETASQ France - We Secure IT
Villeneuve d'Ascq


Le 04/06/2010 13:17, Jonathan Clarke a écrit :

On 27/05/2010 10:25, Benjamin MONTHOUEL wrote:
Hi,

I'd like to know which method is recommended by openldap.org to perform
a bidirectional sync with Microsoft Active Directory.
This method has to notice that users changed their password by
themselves. Kerberos token ???

Thanks for any information.
Hi,
OpenLDAP does not include any mechanism to sync with Active Directory.Both directories have replication mechanisms, but they are incompatible.
I can personally (this is not an "openldap.org recommendation")recommend using a third party tool to synchronize the two directories,such as Ldap Synchronization Connector (LSC), which is designed forexactly this purpose - see http://lsc-project.org.
Hope this helps,
Jonathan

References:
- Re: Bidirectional sync using openldap and active directory
  - From: Jonathan Clarke <jonathan@phillipoux.net>

Prev by Date: could not config n-way multi-master because insufficient access
Next by Date: Re: how to get DIT structure info
Index(es):
- Chronological
- Thread