I don't have anything done for that in particular. However, but for uidnumber I use a object in AD named CN=nextUIDNumber where I store the next uid in the description attribute. Rather than troll through AD and LDAP I just get/set that for the uidnumber attribute.
> -----Original Message----- > From: Prashanth Sundaram [mailto:psunda...@wgen.net] > Sent: Thursday, December 10, 2009 4:59 PM > To: perl-ldap@perl.org > Subject: LDAP and AD sync > > Folks, > > I am a n00b to perl scripting and need help to start building my own. I > am > currently working on a project where the LDAP(389-ds) and Active > Directory > are always in sync. I have a very minimal set of attributes and > conditions > to keep them in sync. > > Can anyone share their code, so that I can build around it? Here¹s my > requirement: > * Sync New users from AD to LDAP with attributes: sAMAccountName, sn, > givenName, description, userAccountControl(disable/enable), > * Delete LDAP accounts which are not present in AD and vice versa. > * Generate the next available uidnumber by parsing thru ldap, so new > users > can be created > * Check memberOf for 2 groups and if true add them to corresponding > groups > in LDAP > > If you have any of these modules written already, that would be great > help. > I am digging through the archive looking for related code. > > Thanks, > Prashanth