Open Ldap and Active directory

[idm_linux]

Dear All,

How we can implement the Openldap with active directory?
How we synchronize data from ADC to Ldap for better service?


Please anybody have some document or idea, please forward.

[jledhead]

what are you trying to do? openldap and AD are both directory services, meaning 2 seperate user databases. what are you trying to accomplish with openldap?

[thehemi]

Active Directory is an LDAP server.
Any reason for not just using that?

[mvellon]

This is not an easy problem. There are "meta directory" products such as Microsoft's ILM (used to be MIIS) and IBM Tivoli Identity Manager and others that do exactly this. You define multiple directories (or database) and map how attributes in one correspond to attributes in the other and the meta directory will invoke connectors to assure that changes are properly propagated to the participating directories.

For the most part, the metadirectory products are expensive and complicated to set up. To some extent, they are more development platforms than end-user products.

You might be better off considering how to get rid of one of the two directories and just consolidate on the remaining one. You may be using your LDAP server, however, for much more than authentication.