[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Authenticating OpenLDAP client with AD
- To: Vinay Kalkoti <kalkoti.vinay@gmail.com>
- Subject: Re: Authenticating OpenLDAP client with AD
- From: Benjamin Griese <der.darude@gmail.com>
- Date: Sat, 23 Oct 2010 13:01:06 +0200
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=jFqWifG2qIM99Y2FDeXyn52GTJbfxWetlsO6o2AOVYg=; b=k6HghoyKPZh3Su06CGH3jiOvWtc0DzmNuANN1cKdlKcFQXCyXmt/MMrZW3ateM8TJW H6cX3lELCU1n2TuvT+x1w8k+g/l89xLZzWnDOV93LD4pFB9Rs7DanTFBzZh2HY6+j46v cytzitsEaz28/3rskxsa0xckF871IAzzk55ts=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=IA1rHNpKJcf08lmYpwDu57mUPcHDth+G58yDUMP0noMwwmC0s/offvKfyu22zc6Hge RiOhviZpzc01WoFBO68rRn1D0R1hhMmtkR3S+mQZUNXEiH3rgwuLykkR54r66h58pYsK lIniVKiLMXeYCFetzg+MPlCbgybz3KVHetvXI=
- In-reply-to: <AANLkTimup0ATQ4cT15ocqiQftYsD6d-80WhtzGhA3BAw@mail.gmail.com>
- References: <AANLkTimup0ATQ4cT15ocqiQftYsD6d-80WhtzGhA3BAw@mail.gmail.com>
Hi vinay,
you may take a look at this:
http://sourceforge.net/projects/acctsync/
It's not exactly what you want, but can help you reaching the goal. :)
Bye, Benjamin.
On Sat, Oct 23, 2010 at 12:22, Vinay Kalkoti <kalkoti.vinay@gmail.com> wrote:
> Hi,
>
> I am working on authenticating OpenLDAP client with AD server. I saw
> lots of examples which map the rfc2307bis schema using nss_schema
> attribute in ldap.conf file
>
> # Enable support for RFC2307bis (distinguished names in group
> # members)
> nss_schema rfc2307bis
>
> and also, map the attributes of the rfc2307bis to the AD server schema
> attributes.
>
> nss_map_attribute uid msSFU30Name
> nss_map_attribute uidNumber msSFU30UidNumber
> nss_map_attribute gidNumber msSFU30GidNumber
> nss_map_attribute loginShell msSFU30LoginShell
> nss_map_attribute gecos name
> nss_map_attribute userPassword msSFU30Password
> nss_map_attribute homeDirectory msSFU30HomeDirectory
>
>
> Isn't there a way I can fetch the schema from the AD server and set it
> using nss_schema ?.
>
> Basically, I am looking at fetching the schema/objectClass/Attributes
> from the LDAP/AD server and make them as a client schema's so that I
> don't have to keep doing the mapping using nss_map_attribute and
> nss_schema.
>
> I am new to LDAP world, and I am sorry if I my question doesn't make any sense.
>
> I have seen lots of enterprise products which integrate with LDAP/AD.
> They provide a user interface to map the server side schema
> objectClass and attributes. I am trying to see if I can get rid of
> this and do it internally.
>
> Thanks,
> Vinay
>
--
To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
be is to do -- Sartre | Do be do be do -- Sinatra