'Re: Active directory and openldap'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-software
Subject:    Re: Active directory and openldap
From:       jehan procaccia <jehan.procaccia () int-evry ! fr>
Date:       2003-09-29 16:17:37
[Download RAW message or body]

it's quite an old mail ..., but do you finally wrote this document on 
changing password both in openldap and AD ? it is very interesting to us !

Thanks.

Michel Lacle wrote:
> Hi Howard,
> 
> In fact we do have a perl script, and a dll that allow this to happen. I
> will work on this document on the  weekend to describe in detail who we
> solve the password thing between Active Directory and OpenLDAP.
> 
> Sincerely,
> Michel.
> 
> On Fri, 23 May 2003, Jehan PROCACCIA wrote:
> 
> 
>>Do you happen to have a sample source perl code to transform the
>>cleartext password to Unicode unicodePwd attribute for AD ?
>>Also as anyone implemented a protected connection "SASL/GSSAPI or TLS)
>>to bind to AD as a privileged user to make these changes" .
>>
>>Thanks.
>>
>>
>>Howard Chu wrote:
>>
>>>Yes, it's feasible to set up an OpenLDAP master that uses slurpd to replicate
>>>changes into AD. The one catch is that you must use cleartext passwords if
>>>you want them to be replicated, and you must transform the UTF-8 userPassword
>>>from OpenLDAP into the Unicode unicodePwd attribute during the replication.
>>>Generally I use a bit of perl code to do this step. And of course, you must
>>>use a protected connection (SASL/GSSAPI or TLS) to bind to AD as a privileged
>>>user to make these changes.
>>>
>>>  -- Howard Chu
>>>  Chief Architect, Symas Corp.       Director, Highland Sun
>>>  http://www.symas.com               http://highlandsun.com/hyc
>>>  Symas: Premier OpenSource Development and Support
>>>
>>
>>
>>
>>--
>>Jehan Procaccia 			| Ingenieur Systemes & Reseaux
>>Institut National des Telecommunications| Tel : +33 (0) 160764436
>>MCI, Moyens Communs Informatiques  | Mail: Jehan.Procaccia@int-evry.fr
>>9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321
>>
>>
> 
> 


-- 
Jehan Procaccia, Ingenieur Systemes & Reseaux
Institut National des Telecommunications, Tel : +33 (0) 160764436
MCI,Moyens Communs Informatiques, Mail: Jehan.Procaccia@int-evry.fr
9 rue Charles Fourier 91011 Evry France, Fax : +33 (0) 160764321


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic