[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Help me for " LDAP Sync with Active Directory from Openldap side"



please discuss this on the list.

I do not fully understand why you need synchronization.

If it is because your LDAP client (i.e. liferay) only supports
one LDAP-URI but you have two different user directories
(AD and OpenLDAP), than there would be no need for
synchronization: OpenLDAP could be used to integrate both
directories under one URL (e.g. by meta backend)


On 25.03.2013 10:02, Suman Karki wrote:
thank you for your reply. And i need some help that can perform my task.

I am using liferey for web hosting. Which is http://www.liferay.com/

I am managing liferay's user accounts with open ldap server.

And i need to sync AD to Open Ldap .

So through one Open Ldap server configuration  i can access both
servers user account.

I have admin access to both server.

Just, I need to sync AD to Open Ldap server for user account accessing.





On 3/25/13, Mark Pröhl <mark@mproehl.net> wrote:
on 25.03.2013 06:57, Suman Karki wrote:
I am running open ldap server in redhat server, and active directory
in win server 2008.
   I have admin access to both servers.

   The thing is that i have to sync both server, like from openldap i
could access active directory data.


So anybody tell me how can we synchronize both server, any solutions ?
or it will be better if anyone provide me some tutorials or better
give me some documentation?

please i need to solve this problem as soon as possible.

can you describe your requirements a little bit more? I.e.

- which attributes do you need to be synchronized?
- do you need to synchronize from AD to OpenLDAP
    or from OpenLDAP to AD or in both directions?
- do you need passwords to be synchronized?

BTW: OpenLDAP can be configured as a (caching) LDAP
proxy to Active Directory. Configuring that is much
more simple than synchronization with AD.

For synchronization you will need some kind of
3rd-party product, like the SPML based solution
mentioned here:
http://www.openldap.org/lists/openldap-technical/201303/msg00167.html

--
Mark Pröhl
mark@mproehl.net
www.kerberos-buch.de