Do you happen to have a sample source perl code to transform the
cleartext password to Unicode unicodePwd attribute for AD ?
Also as anyone implemented a protected connection "SASL/GSSAPI or TLS)
to bind to AD as a privileged user to make these changes" .
Thanks.
Howard Chu wrote:
Yes, it's feasible to set up an OpenLDAP master that uses slurpd to replicate
changes into AD. The one catch is that you must use cleartext passwords if
you want them to be replicated, and you must transform the UTF-8 userPassword
from OpenLDAP into the Unicode unicodePwd attribute during the replication.
Generally I use a bit of perl code to do this step. And of course, you must
use a protected connection (SASL/GSSAPI or TLS) to bind to AD as a privileged
user to make these changes.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
--
Jehan Procaccia | Ingenieur Systemes & Reseaux
Institut National des Telecommunications| Tel : +33 (0) 160764436
MCI, Moyens Communs Informatiques | Mail: Jehan.Procaccia@int-evry.fr
9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321