[Fedora-directory-users] Help with NIS->FDS & AD migration
solarflow99
solarflow99 at gmail.com
Tue Mar 11 10:01:52 UTC 2008
i'm struggling just with workgroups in FDS, it would sure be nice if there
was a samba enable section and some explanations. I see ldapadmin is a
ways ahead of the FDS console for user administration, but i'm seeing some
problems with that.
On 3/10/08, slat3dx slat3dx <slat3dx at gmail.com> wrote:
>
> Ivan -
>
> Thanks for the info!
>
>
> On Mon, Mar 10, 2008 at 3:15 PM, Ivan Ferreira <iferreir at personal.com.py>
> wrote:
>
> > Please see also:
> >
> > Twenty Questions to Ask Yourself During a Red Hat Directory Server
> > Deployment by Satish Chetty
> >
> > www.redhat.com/f/pdf/whitepapers/RHDS_TwentyQuestions.pdf
> >
> >
> >
> >
> >
> >
> >
> > Para
> >
> > fedora-directory-users at redhat.co
> > m
> > "slat3dx slat3dx"
> > cc
> > <slat3dx at gmail.com>
> > Enviado por:
> > Asunto
> > fedora-directory-users-b [Fedora-directory-users] Help
> > ounces at redhat.com with NIS->FDS & AD migration
> >
> > Clasificación
> > 10/03/2008 05:13 p.m. Uso Interno
> >
> >
> >
> > Por favor, responda a
> > "General discussion list
> > for the Fedora Directory
> > server project."
> > <fedora-directory-users@
> > redhat.com>
> >
> >
> >
> >
> >
> >
> >
> > Hello FDS users -
> >
> > I am learning as I go here so please excuse my ignorance. I have
> > scoured
> > over the Fedora and Redhat docs for Directory Server and read many
> > threads
> > from this list archive concerning Active Directory sync. I'm having
> > trouble putting all the pieces together and would greatly appreciate
> > some
> > guidance from people that have already gone through this process :)
> >
> > I am in the process of migrating from NIS to LDAP. In our environment
> > we
> > run both Windows and Linux systems. For quite awhile we have been
> > maintaining both NIS and Active Directory. Our goal is to move away
> > from
> > NIS and achieve single sign on for our users. I have installed and
> > configured FDS, converted and imported our NIS maps as ldif. This
> > worked
> > beautifully.
> >
> > Can I create a sync agreement that only sends passwords from AD->FDS,
> > nothing else and no updates from FDS->AD?
> > I would like to configure our Linux clients to authenticate to AD with
> > kerberos and use FDS as the LDAP server. I understand we need to
> > install
> > the password sync utility on one of our DC's and that when a user
> > changes
> > their password in AD the utility will capture it in plaintext and send
> > to
> > FDS. I also see that FDS and the pass sync have to be configured to
> > share
> > certificates for the SSL connection between them.
> >
> > Can the sync utility be restricted to one OU within AD? What access
> > within
> > AD is required for the utility to run? Domain Admin rights or can
> > specific
> > rights be delegated?
> >
> > I would really appreciate some steps for: configuring SSL on the AD and
> > FDS
> > side. Creating and testing the sync agreement.
> >
> > Thank you so much for the help!!
> >
> > Slat3dx
> >
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >
> >
> > ========================================================================================
> > AVISO LEGAL: Esta información es privada y confidencial y está dirigida
> > únicamente a su destinatario. Si usted no es el destinatario original de
> > este mensaje y por este medio pudo acceder a dicha información por
> > favor
> > elimine el mensaje. La distribución o copia de este mensaje está
> > estrictamente prohibida. Esta comunicación es sólo para propósitos de
> > información y no debe ser considerada como propuesta, aceptación ni como
> > una declaración de voluntad oficial de NUCLEO S.A. La transmisión de
> > e-mails no garantiza que el correo electrónico sea seguro o libre de
> > error.
> > Por consiguiente, no manifestamos que esta información sea completa o
> > precisa. Toda información está sujeta a alterarse sin previo aviso.
> >
> > This information is private and confidential and intended for the
> > recipient only. If you are not the intended recipient of this message
> > you
> > are hereby notified that any review, dissemination, distribution or
> > copying of this message is strictly prohibited. This communication is
> > for
> > information purposes only and shall not be regarded neither as a
> > proposal,
> > acceptance nor as a statement of will or official statement from NUCLEO
> > S.A. . Email transmission cannot be guaranteed to be secure or
> > error-free.
> > Therefore, we do not represent that this information is complete or
> > accurate and it should not be relied upon as such. All information is
> > subject to change without notice.
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080311/32e1ff1e/attachment.html>
More information about the 389-users
mailing list