[Fedora-directory-users] FDS <-> AD Sync with Windows 2003 R2 using RFC2307 extensions
Richard Megginson
rmeggins at redhat.com
Thu Aug 23 14:18:48 UTC 2007
Howard Wilkinson wrote:
> Howard Wilkinson wrote:
>> We have an environment where we hold the RFC2307 attributes within
>> our AD, this is based on a Windows 2003 R2 AD.
>>
>> We have established a sync agreement with our first FDS installation
>> and would like to get the additional attributes synchronised into the
>> FDS from AD. How and where do we add such facilities?
>> --
>>
>> Howard Wilkinson
>>
>>
>>
>> Phone:
>>
>>
>>
>> +44(20)76907075
>>
>> Coherent Technology Limited
>>
>>
>>
>> Fax:
>>
>>
>>
>>
>>
>> 23 Northampton Square,
>>
>>
>>
>> Mobile:
>>
>>
>>
>> +44(7980)639379
>>
>> United Kingdom, EC1V 0HL
>>
>>
>>
>> Email:
>>
>>
>>
>> howard at cohtech.com
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
> OK I have found out where this done! There is a piece of 'C' in the
> server - 'ldap/servers/plugins/replication/windows_protocol_util.c'
> which contains hard wired lists of attributes that can be
> synchronised. Not what I had hoped for!
>
> Is this the place to discuss extensions to the system?
Yes, or fedora-directory-devel for more developer oriented discussions.
> If so I would like to propose that a mechanism be developed that would
> allow additional schema entries to be mapped - ideally I would like to
> add 'userPrincipalName', the RFC2307 attributes (and possibly the SFU
> extensions) as well as some of the exchange fields e.g. the
> proxyAddresses entries. What I have in mind is a facility whereby the
> sync agreement can have mapping tables added (using the same sets of
> rules that are currently supported plus the ability to call out to an
> external function to map single attributes - we will leave more
> complex things to Meta-directories e.g. combining attributes) the
> tables being driven from new objects held in the FDS.
+1
>
> Note sure how hard this is going to be to do - and I would need my
> hand holding over where and how to make the changes - but I would be
> willing to give this a go if we can agree a spec.
>
> Anybody interested?
Definitely. I would suggest creating a wiki page at
http://directory.fedoraproject.org/ Here is a good example of a feature
requirements + design document -
http://directory.fedoraproject.org/wiki/Account_Policy_Design
>
> In the meantime I will implement an external sync process that uses
> our meta-directory platform. .... Ho Humm!
>
>
> --
>
> Howard Wilkinson
>
>
>
> Phone:
>
>
>
> +44(20)76907075
>
> Coherent Technology Limited
>
>
>
> Fax:
>
>
>
>
>
> 23 Northampton Square,
>
>
>
> Mobile:
>
>
>
> +44(7980)639379
>
> United Kingdom, EC1V 0HL
>
>
>
> Email:
>
>
>
> howard at cohtech.com
>
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070823/10f6783e/attachment.bin>
More information about the Fedora-directory-users
mailing list