[389-users] Migration from OpenLDAP and PassSync with AD
Rich Megginson
rmeggins at redhat.com
Thu Jul 9 15:03:00 UTC 2009
Prashanth Sundaram wrote:
> Dear fellow Fedora DS users and experts,
>
> I am working on this new project where there is a two step process. We
> are currently using a poorly managed OpenLDAP server for over 3 years
> and planning to migrate to Fedora DS.
>
> Scenario: OPenLDAP=====Migrate all users and passwords===> Fedora DS
> <----------PassSync------->Windows AD
>
> Question1: Is it possible to migrate current users (around 300users)
> from OpenLDAP to Fedora DS along with the UIDs, Security id and
> passwords. Like everything looks same in users perspective.
>
> Question2: Is is possible to create a password sync between FDS and AD
> for all the above users. Yes, the username is same in both the
> directories.
>
> Question2.1: The users are stored with different
> Security IDs in windows environment than in OpenLDAP or FDS. Will that
> pose a problem?
>
> Question2.2: We have several domain controllers and
> Active Directory server which run in sync. Since the PassSync can only
> run on one server, will it be a problem that some passwords do not get
> sync because the user changed it on XP which redirected to a another
> server (without PassSync)?
You must install PassSync on all domain controllers. PassSync can run
on more than one AD server. I guess we're not very clear about this in
the documentation, because it seems to be common misperception that
PassSync can run on only one server.
>
> If any of you has gone thru these issues and anything more, please
> respond to this thread or give me links.
>
> Thanks for your help and patience.
> Prashanth
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090709/52e20c45/attachment.bin>
More information about the Fedora-directory-users
mailing list