On 07/22/2014 07:56 AM, Mihai Carabas wrote:
On Tue, Jul 22, 2014 at 4:43 PM, Rich Megginson <rmegg...@redhat.com> wrote:
On 07/22/2014 04:05 AM, Mihai Carabas wrote:
Hi,
We are currently using 389-DS as a LDAP server for our university
(University Politehnica from Bucharest). Right now we have about 35000
accounts created into the 389-DS. We need to synchronize all the
accounts with an Active Directory server for various purposes (Wifi
authentication/e-mail authentication, etc). I've setup the 389-DS /
Active Directory replication succesfully but we have a design problem:
a very high number of users has the username (uid: field) larger than
20 characters and I can't pass this uid to the ntUserDomainId (which
is equivelant with the sAMAccount in AD). Is there any way that I can
populate the userPrincipalName with this uid? (which does not have the
limit indicated above)
Is the problem that the 389 uid attribute has values greater than 20
characters, and when windows sync adds these users to AD, it tries to write
the uid value into the samAccountName field, and this is rejected because
the samAccountName field does not allow more than 20 characters? So you
Yes this is my main problem. If you have other suggestions/solutions
they are welcome (we can't modify the usernames because these
usernames are already used and stored by various applications in their
own databases and we would create a chaos).
I don't think it is possible to solve this problem currently. Please
file a ticket at https://fedorahosted.org/389/newticket
want to instead write the uid attribute value to the userPrincipalName
field? I think we would still need to write some value to samAccountName -
what value should we use?
I can generate a unique value for each of them, based on some other
INFO (like personal number, date of birth).
Thanks,
Mihai
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
