Hello:

I use AD (Active Directory) for authentication and repository data.
But now I need to add new attributes to the LDAP of AD and we prefer to create a new parallel ldap using openLDAP.
That means I have to synchronize some attributes from one LDAP to another (no need password sync).
Ex: If I add/delete a user/group to AD, i need to replicate the user/gruop in openldap. And for speed purposes, I'll replicate some attributes from AD to openldap.

Can any tell me if is there any way or software to synchronize AD and openldap?

Thanks

Thank you. Interesting link which can help me. I'm going to try that option.

I've also seen "389 DS ldap":
http://www.linuxmail.info/389-direct...owto-centos-5/

And also, "openldap" with proxy to AD.
http://www.windowsitpro.com/content1...p/catpath/ldap

How do you solve the problem? I follow your links but I don't see there how to synchronize AD witn OpenLDAP.. Please help me!

Finally, I've not synchronized openldap and AD.

I've configured openldap to receive queries for Opendap and Active Directory (chaining) so openldap acts as a proxy for Active Directory.

If entry is in openldap, it returns the result to the client.
if entry is in Active Directory, openldap searches for it and return the result to the client.

Regards.

1 members found this post helpful.

I have decided to do the same, but I'm following
http://www.windowsitpro.com/content1...p/catpath/ldap

and I have the next error...

glue: no superior found for sub cn=pepito,dc=prueba,dc=com!
slaptest: subordinate configuration error


Any idea?

I tried with that link, but it didn't work for me.
Finally I had to add this at the bottom of configuration file (My ad domain is curso.red):

...
database ldap
uri "ldap://curso.red/"
suffix "dc=curso,dc=red"
chase-referrals yes
rebind-as-user yes

If it doesn't work, tell me.

Regards

1 members found this post helpful.

Thanks so much! It works correctly but in the uri I used the IP address.