[Fedora-directory-users] FDS <-> AD Sync with Windows 2003 R2 using RFC2307 extensions
Howard Wilkinson
howard at cohtech.com
Thu Aug 23 08:58:26 UTC 2007
Howard Wilkinson wrote:
> We have an environment where we hold the RFC2307 attributes within our
> AD, this is based on a Windows 2003 R2 AD.
>
> We have established a sync agreement with our first FDS installation
> and would like to get the additional attributes synchronised into the
> FDS from AD. How and where do we add such facilities?
> --
>
> Howard Wilkinson
>
>
>
> Phone:
>
>
>
> +44(20)76907075
>
> Coherent Technology Limited
>
>
>
> Fax:
>
>
>
>
>
> 23 Northampton Square,
>
>
>
> Mobile:
>
>
>
> +44(7980)639379
>
> United Kingdom, EC1V 0HL
>
>
>
> Email:
>
>
>
> howard at cohtech.com
>
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
OK I have found out where this done! There is a piece of 'C' in the
server - 'ldap/servers/plugins/replication/windows_protocol_util.c'
which contains hard wired lists of attributes that can be synchronised.
Not what I had hoped for!
Is this the place to discuss extensions to the system? If so I would
like to propose that a mechanism be developed that would allow
additional schema entries to be mapped - ideally I would like to add
'userPrincipalName', the RFC2307 attributes (and possibly the SFU
extensions) as well as some of the exchange fields e.g. the
proxyAddresses entries. What I have in mind is a facility whereby the
sync agreement can have mapping tables added (using the same sets of
rules that are currently supported plus the ability to call out to an
external function to map single attributes - we will leave more complex
things to Meta-directories e.g. combining attributes) the tables being
driven from new objects held in the FDS.
Note sure how hard this is going to be to do - and I would need my hand
holding over where and how to make the changes - but I would be willing
to give this a go if we can agree a spec.
Anybody interested?
In the meantime I will implement an external sync process that uses our
meta-directory platform. .... Ho Humm!
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
United Kingdom, EC1V 0HL
Email:
howard at cohtech.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070823/089821fc/attachment.htm>
More information about the Fedora-directory-users
mailing list