directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Howard Chu <>
Subject Re: Synchronizing with Active directory on windows 2003 machine
Date Fri, 21 Dec 2007 23:33:39 GMT
Marc Boorshtein wrote:
>>> I was wondering if there is a method to synchronize the the existing Active
>>> directory of our company on windows 2003 server to Apache Directory ? .
>> You can write a script which export data from AD and import them to ADS
>> automatically. Or use a Virtual Directory to do the job.
>>> If there is then can any one help me determine how is it possible.
>> Somebody else ? I have no easy clue here ...
> Why are you trying to sync AD 2003 into ApacheDS (or any directory for
> that matter)?  AD can be accessed via LDAP just like ApacheDS (though
> AD has its own, peculiarities).  If you need to integrate an
> application with AD but need to map attributes, transform data... then
> there is either MyVirtualDirectory or Penrose.  If you really want to
> synchronize the two you could use Penrose's sync engine or the free
> version of Sun's Identity Manager.

> The main issue you will see with
> syncing is you can't easily sync passwords from AD.

Hm, all you need is a listener for MS's password sync agent. It's a trivial 
protocol, trivial piece of code. (And of course, the sync agent must be 
installed on the AD side.)
   -- Howard Chu
   Chief Architect, Symas Corp.
   Director, Highland Sun
   Chief Architect, OpenLDAP

View raw message