
Re: Active directory and openldap



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

François Bourget wrote:
| Hello,
|
| Just want to be able to use a Campus-wide Ldap server (openldap) with an
| AD locally so that our users have the same password. They already have
| the same username all across Campus.
|
| Is it possible to use an Openldap server as a Master, and that server
| feeds an AD domain with usernames and password only in one direction.
| Don't need anything else than username and password (for now)

Hi,

I haven't actually tried it, but shouldn't it be possible to
authenticate against the AD-Server (and get a Kerberos TGT) from it and
then use the LDAP-Server with the GSSAPI-SASL-mechanism? You "just" have
to create a principal for the LDAP-Service in the AD
(ldap/your.ldap.server) and extract the keyfile from it (and store it
where the slapd can access it).

Yours
Stephan Siano
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+zH+tqA9BW6fcBwIRAte2AKDs9FoWGiP235J9XNitq8ycq1fPUwCg3u2t
IpJwDeUep0oIVCdSdT0P1CY=
=Wh6q
-----END PGP SIGNATURE-----