
Open LDAP Q's

Mellman

Diamond Member
I'm looking into it elsewhere - but thought I'd see what info was here.

I'm looking at setting up an OpenLDAP server on a nix box. I want it to replicate with my Active Directory DCs using Kerberos (need it to be secure, but we're not using secure LDAP).

Does OpenLDAP do this out of the box? Is there another LDAP application that does?

-matt
 
Originally posted by: Mellman
Does OpenLDAP do this out of the box?
A bit of Googling suggests that this is impossible, though I don't know for sure. In any event, I have a hard time seeing how this could be a good choice. You're already making the much bigger choice to use an AD environment. And if you're doing that, it has to be far easier to use Windows slaves rather than try to make OpenLDAP work with AD. Even if it worked "out of the box" (essentially impossible for something as complex as raw LDAP) it would be a lot more work than all Windows servers.

 
Originally posted by: cleverhandle
Originally posted by: Mellman
Does OpenLDAP do this out of the box?
A bit of Googling suggests that this is impossible, though I don't know for sure. In any event, I have a hard time seeing how this could be a good choice. You're already making the much bigger choice to use an AD environment. And if you're doing that, it has to be far easier to use Windows slaves rather than try to make OpenLDAP work with AD. Even if it worked "out of the box" (essentially impossible for something as complex as raw LDAP) it would be a lot more work than all Windows servers.

I thought Windows slaves went out with Windows 2000 Server? The fact that they no longer have "PDCs and BDCs" and they're all equal?

It'd be easier to just have our entire structure upgrade to support secure LDAP... but they don't want to do that for whatever reason (funny how a gov't contractor wouldn't want to use something with secure in its name).

 
I thought Windows slaves went out with Windows 2000 Server? The fact that they no longer have "PDCs and BDCs" and they're all equal?

True, there are some roles that you can assign to each server but they're all just DCs now.
 
Originally posted by: Mellman
I thought Windows slaves went out with Windows 2000 Server? The fact that they no longer have "PDCs and BDCs" and they're all equal?
Yes, AD is multi-master. I'm just letting OpenLDAP-speak drift over into AD-speak. The point is the same though - it's going to be very hard to have two different LDAPs replicate.
It'd be easier to just have our entire structure upgrade to support secure LDAP... but they don't want to do that for whatever reason (funny how a gov't contractor wouldn't want to use something with secure in its name).
I don't understand what "secure LDAP" means in this context. LDAP that disallows anonymous binds? LDAP over an SSL channel? I gather from your comments that you want OpenLDAP because it can do something that AD cannot.

 