[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticating OpenLDAP client with AD



oops, forgot the ML

On Wed, Oct 27, 2010 at 17:06, Benjamin Griese <der.darude@gmail.com> wrote:
> @Vinay
>
> I've found another solution that maybe fits your needs:
>
> http://lsc-project.org/wiki/
>
> On Sat, Oct 23, 2010 at 15:26, Quan Nguyen <qnguyen@ayr1.com> wrote:
>>
>>
>> Send from IPhone
>>
>>
>> On Oct 23, 2010, at 5:55 AM, Benjamin Griese <der.darude@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> yes that is another possibility I wanted to show you.
>>> By searching I found another, but probably not open, method to do it.
>>> http://www.likewise.com/
>>>
>>> Good luck.
>>>
>>> On Sat, Oct 23, 2010 at 14:52, Vinay Kalkoti <kalkoti.vinay@gmail.com>
>>> wrote:
>>>>
>>>> Hi Benjamin,
>>>>
>>>> Are you hinting at running the openldap server instead of openldap
>>>> client and sync the required accounts using replication and
>>>> authenticate againt the openldap server locally ?
>>>>
>>>> Thanks,
>>>> Vinay
>>>>
>>>> On 10/23/10, Benjamin Griese <der.darude@gmail.com> wrote:
>>>>>
>>>>> Hi vinay,
>>>>>
>>>>> you may take a look at this:
>>>>> http://sourceforge.net/projects/acctsync/
>>>>>
>>>>> It's not exactly what you want, but can help you reaching the goal. :)
>>>>>
>>>>> Bye, Benjamin.
>>>>>
>>>>> On Sat, Oct 23, 2010 at 12:22, Vinay Kalkoti <kalkoti.vinay@gmail.com>
>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I am working on authenticating OpenLDAP client with AD server. I saw
>>>>>> lots of examples which map the rfc2307bis schema using nss_schema
>>>>>> attribute in ldap.conf file
>>>>>>
>>>>>> # Enable support for RFC2307bis (distinguished names in group
>>>>>> # members)
>>>>>> nss_schema rfc2307bis
>>>>>>
>>>>>> and also, map the attributes of the rfc2307bis to the AD server schema
>>>>>> attributes.
>>>>>>
>>>>>> nss_map_attribute uid msSFU30Name
>>>>>> nss_map_attribute uidNumber msSFU30UidNumber
>>>>>> nss_map_attribute gidNumber msSFU30GidNumber
>>>>>> nss_map_attribute loginShell msSFU30LoginShell
>>>>>> nss_map_attribute gecos name
>>>>>> nss_map_attribute userPassword msSFU30Password
>>>>>> nss_map_attribute homeDirectory msSFU30HomeDirectory
>>>>>>
>>>>>>
>>>>>> Isn't there a way I can fetch the schema from the AD server and set it
>>>>>> using nss_schema ?.
>>>>>>
>>>>>> Basically, I am looking at fetching the schema/objectClass/Attributes
>>>>>> from the LDAP/AD server and make them as a client schema's so that I
>>>>>> don't have to keep doing the mapping using nss_map_attribute and
>>>>>> nss_schema.
>>>>>>
>>>>>> I am new to LDAP world, and I am sorry if I my question doesn't make
>>>>>> any
>>>>>> sense.
>>>>>>
>>>>>> I have seen lots of enterprise products which integrate with LDAP/AD.
>>>>>> They provide a user interface to map the server side schema
>>>>>> objectClass and attributes. I am trying to see if I can get rid of
>>>>>> this and do it internally.
>>>>>>
>>>>>> Thanks,
>>>>>> Vinay
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
>>>>> be is to do -- Sartre | Do be do be do -- Sinatra
>>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
>>> be is to do -- Sartre | Do be do be do -- Sinatra
>>>
>>
>>
>
>
>
> --
> To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
> be is to do -- Sartre | Do be do be do -- Sinatra
>



-- 
To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
be is to do -- Sartre | Do be do be do -- Sinatra