
Re: OpenLDAP synchronization with windows/Active Directory



"Razi Garbie" <boneybastard@gmail.com> writes:

> Hi everyone,
>
> I've spent countless hours trying to figure out how to sync OpenLDAP with
> my currently running Windows/Active Directory, however... I can't find any
> information on how this is done.
>
> I'm currently running Windows/AD, which authenticates ~20 users on all Windows
> boxes (obviously), however... all Windows users have accounts on the Linux
> machines I run and that makes administrative tasks a bit messy, hence I have to
> make account changes on two different domains.
>
> The ideal setup is to set up an OpenLDAP server that is synced with
> Windows Active Directory, so that my users can authenticate against the Linux
> domain using their Windows passwords.
>
> etc,
> (linux machines/-ldap clients) - > OpenLDAP <--SYNC --> Win/AD <- (windows
> machines)
>
> That's how I imagine the setup will look.
>
> Has anyone ever done this?

I doubt it.
Ask Microsoft to implement RFC 4533.
But you might try OpenLDAP with configured back-ldap and probably a
caching proxy to connect to AD. Further readings: man slapd.conf(5),
man slapd-ldap(5), man slapo-pcache(5).

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
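
A sketch of the back-ldap plus pcache arrangement suggested in the reply, added here as an example and not taken from the original post. Every hostname, DN, path, password, cached attribute and TTL below is an assumed placeholder; the directives are those documented in slapd-ldap(5) and slapo-pcache(5), with back-mdb assumed as the cache store.

```conf
# Constructed slapd.conf fragment; hostnames, DNs, paths and the password
# are placeholders, not values from the thread.
moduleload  back_ldap
moduleload  back_mdb
moduleload  pcache

# Proxy database: requests under this suffix are forwarded to AD.
database    ldap
suffix      "dc=example,dc=com"
rootdn      "cn=proxyadmin,dc=example,dc=com"
# ldaps:// so that relayed bind passwords are not sent to AD in cleartext.
uri         "ldaps://ad.example.com/"

# Service account the proxy uses for searches on behalf of local clients.
# Give it read-only rights in AD and keep this file mode 0600.
idassert-bind bindmethod=simple
  binddn="cn=ldap-proxy,cn=Users,dc=example,dc=com"
  credentials="CHANGE_ME"
  mode=none
  tls_cacert=/etc/openldap/certs/ad-ca.pem
  tls_reqcert=demand
# Which local identities may use the service account; narrow this in production.
idassert-authzFrom "*"

# Caching overlay on top of the proxy database.
# pcache <backend> <max_entries> <num_attrsets> <entry_limit> <check_period>
overlay     pcache
pcache      mdb 10000 1 1000 100
# Attribute set 0: only these attributes are cached (illustrative choice).
pcacheAttrset  0 cn mail
# Cache answers to (cn=<value>) searches for 300 seconds.
pcacheTemplate (cn=) 0 300

# Settings for the local cache database used by the overlay.
directory   /var/lib/ldap/pcache
index       objectClass eq
index       cn,mail eq
```

With a cache TTL, search results can be served from the proxy until they expire even after the entry changes in AD, so the TTL bounds how stale account data can be. Binds are still passed to AD on every attempt unless pcacheBind is configured.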