ive seen a lot of reports that say active directory does NOT get along
well
with any other kind of directory service. its basically if you use it
that
is all you can use. i really feel sorry for anyone who is forced to use
AD.
currently at my company we are using Netscape directory server 3.1 on
a solaris 7 machine to provide LDAP address books, and we authenticate
our VPNs via RADIUS not ldap(IMO radius makes more sense for that
kind of stuff anyway :) ). i have extreme doubts you can get AD and
a normal LDAP server to synch with each other.
iplanet products do not seem to work at all under debian so ..i'm
not sure what to reccomend.
good luck with the AD stuff ..i wouldn't be caught dead using it.
nate
Tom Warfield wrote:
>
> Alright bear with me on this one while I explain what i want to do:
> Currently we have a Win2K domain (running Active Directory), also were
> using the better things in life like Debian for our email and etc. In the
> future were looking at installing a better firewall that has VPN support,
> and according to the company selling us the firewall we can use LDAP to
> authenticate users.
> Right now as it goes I have to setup the user on the Win2K server,
> then on
> the email server. Then in the future im going to have to also add them to
> the firewall. Remote sites which i will be controlling are going to be the
> same way. Plus right now we do not have any email address lists since were
> using outlook, well short of the users address book. So with that in mind
> we wouldnt mind seeing the other important information for the person
> besides there email address like there phone number and etc pull up in
> Outlook.
> Okay with all this in mind, im thinking LDAP is my answer to all of
> these problems. I should be able to setup everyone in LDAP and then LDAP
> will propogate all this information to the linux box, the firewall, the
> WIN2K server and also let my users query for addresses and information like
> that. Or maybe I would input the information into Win2K box and the LDAP
> server would pass it around...none the less something has to be in place to
> connect these several different devices on the network, soon to be networks!
>
> Any ideas would be appreciated.
>
> Thanks,
> Tom
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
:::
ICQ: 75132336
http://www.aphroland.org/
http://www.linuxpowered.net/
[EMAIL PROTECTED]