Re: Active directory and openldap

[Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>]

Do you happen to have a sample source perl code to transform the 
cleartext password to Unicode unicodePwd attribute for AD ?
Also as anyone implemented a protected connection "SASL/GSSAPI or TLS) 
to bind to AD as a privileged user to make these changes" .

Thanks.


Howard Chu wrote:
> Yes, it's feasible to set up an OpenLDAP master that uses slurpd to replicate
> changes into AD. The one catch is that you must use cleartext passwords if
> you want them to be replicated, and you must transform the UTF-8 userPassword
> from OpenLDAP into the Unicode unicodePwd attribute during the replication.
> Generally I use a bit of perl code to do this step. And of course, you must
> use a protected connection (SASL/GSSAPI or TLS) to bind to AD as a privileged
> user to make these changes.
>
>   -- Howard Chu
>   Chief Architect, Symas Corp.       Director, Highland Sun
>   http://www.symas.com               http://highlandsun.com/hyc
>   Symas: Premier OpenSource Development and Support



--
Jehan Procaccia 			| Ingenieur Systemes & Reseaux
Institut National des Telecommunications| Tel : +33 (0) 160764436
MCI, Moyens Communs Informatiques  | Mail: Jehan.Procaccia@int-evry.fr
9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321