directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: Synchronizing with Active directory on windows 2003 machine
Date Sat, 22 Dec 2007 00:48:00 GMT
Howard Chu wrote:
> Marc Boorshtein wrote:
>>>> I was wondering if there is a method to synchronize the the 
>>>> existing Active
>>>> directory of our company on windows 2003 server to Apache Directory 
>>>> ? .
>>> You can write a script which export data from AD and import them to ADS
>>> automatically. Or use a Virtual Directory to do the job.
>>>> If there is then can any one help me determine how is it possible.
>>> Somebody else ? I have no easy clue here ...
>> Why are you trying to sync AD 2003 into ApacheDS (or any directory for
>> that matter)?  AD can be accessed via LDAP just like ApacheDS (though
>> AD has its own, peculiarities).  If you need to integrate an
>> application with AD but need to map attributes, transform data... then
>> there is either MyVirtualDirectory or Penrose.  If you really want to
>> synchronize the two you could use Penrose's sync engine or the free
>> version of Sun's Identity Manager.
>> The main issue you will see with
>> syncing is you can't easily sync passwords from AD.
> Hm, all you need is a listener for MS's password sync agent. It's a 
> trivial protocol, trivial piece of code. (And of course, the sync 
> agent must be installed on the AD side.)

At this point, the real question is Marc's question : why do you need to 
sync AD with any LDAP server ?

To be more explicit, it's not 'is there any good reasons to do so?' but 
much more 'What are your exact needs ?'

cordialement, regards,
Emmanuel L├ęcharny

View raw message