[389-users] Perl/python script to sync with AD

Rich Megginson rmeggins at redhat.com
Fri Nov 6 18:56:56 UTC 2009

Prashanth Sundaram wrote:
> Dear All,
> I finally got the 389-ds working with PAM-PTA and everything looks 
> fine so far. I am investigating on scripting the AD sync using 
> perl/python/ldapscripts(shell). Anybody has any advice on the choice. 
> I see perl’s Net:LDAP is pretty comprehensive with easy to use 
> functions, but just in case if your opinion differs. I have a Perl 
> script which partially does the job and wouldn't mind sharing if you 
> want to take a peep.
> requirements:
>    1. Sync one-way from AD --> LDAP with only posix attributes.
>    2. Disable/delete accounts in ldap if disabled/deleted in AD.
>    3. Sync Groups and its members.
Sounds very nice. I'm sure the 389 community would be interested. Is the 
code available on the web somewhere? What is the license?

I have a python-ldap module which implements support for the AD DirSync 
control (which is what 389 winsync uses to get changes from AD). It is 
available here - http://github.com/richm/scripts - dirsyncctrl.py

If you need a place to keep track of your code, I recommend github.
>   1.
> PS: I am a newbie with scripting.
> Thanks,
> Prashanth
> ------------------------------------------------------------------------
> --
> 389 users mailing list
> 389-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20091106/0c7754be/attachment.bin>

More information about the Fedora-directory-users mailing list