Tuesday, June 10, 2014

Re: [389-users] Sync from multiple Active Directories and 389 Directory Server

I also am interested in this topic. We are planning to migrate to 389, but we have multiple AD forests and will need to use password synchronization to one 389 LDAP instance. I am not very familiar with 389 yet, so I would like to know if this is possible. 


Daniel Franciscus

Systems Administrator

Information Technology Group

Institute for Advanced Study


From: "Artur Oliveira" <artur.oliveira@gmail.com>
To: 389-users@lists.fedoraproject.org
Sent: Friday, June 6, 2014 10:51:39 AM
Subject: [389-users] Sync from multiple Active Directories and 389 Directory        Server

I have an environment with multiple Active Directories Forests and several UNIX client machines
I have another LDAP Directory to authenticate UNIX users.
The problem with this implementation is that the users used and passwords used to authenticate in WIndows and Unix machines are different.
My idea is to use the Active Directories as main repositories for users and passwords.
I want to enable users of Active Directories to login in the UNIX client machines (Solaris, Linux and AIX) using their regular windows users and passwords.

I have a requirement to have the UIDs and GIDs of UNIX users consistent across all UNIX machines.

I am considering the use of 389 Directory Server to create a unique directory with the users from both Active Directories and configure all the Unix clients to use this directory.

I found several references to synchronisation between 389 Directory Server and Active Directory however i found no reference to a configuration with multiple Active Directories.

Is this possible ??
Does someone have some kind of suggestion to accomplish this goal ?

Thanks in advance 


389 users mailing list

No comments:

Post a Comment