Re: Win2k LDAP and Linux oh my!

2001-02-15 Thread fke


On Thu, 15 Feb 2001, Nate Amsden wrote:

> ive seen a lot of reports that say active directory does NOT get along
> well
> with any other kind of directory service. its basically if you use it
> that
> is all you can use. i really feel sorry for anyone who is forced to use
> AD.
> 
> currently at my company we are using Netscape directory server 3.1 on
> a solaris 7 machine to provide LDAP address books, and we authenticate
> our VPNs via RADIUS not ldap(IMO radius makes more sense for that
> kind of stuff anyway :) ). i have extreme doubts you can get AD and
> a normal LDAP server to synch with each other.
> 
> iplanet products do not seem to work at all under debian so ..i'm
> not sure what to reccomend.
> 
> good luck with the AD stuff ..i wouldn't be caught dead using it.
> 
> nate

Hi,

but in case of Tom, IMO there is no requirement to synchronize any
directories. The firewall can authenticate users directly against AD via
LDAP. So can do your mail server, e.g. qmail or postfix (SMTP), and cyrus
(POP / IMAP).

Florian



Re: Win2k LDAP and Linux oh my!

2001-02-15 Thread Nate Amsden
ive seen a lot of reports that say active directory does NOT get along
well
with any other kind of directory service. its basically if you use it
that
is all you can use. i really feel sorry for anyone who is forced to use
AD.

currently at my company we are using Netscape directory server 3.1 on
a solaris 7 machine to provide LDAP address books, and we authenticate
our VPNs via RADIUS not ldap(IMO radius makes more sense for that
kind of stuff anyway :) ). i have extreme doubts you can get AD and
a normal LDAP server to synch with each other.

iplanet products do not seem to work at all under debian so ..i'm
not sure what to reccomend.

good luck with the AD stuff ..i wouldn't be caught dead using it.

nate

Tom Warfield wrote:
> 
> Alright bear with me on this one while I explain what i want to do:
> Currently we have a Win2K domain (running Active Directory), also were
> using the better things in life like Debian for our email and etc.  In the
> future were looking at installing a better firewall that has VPN support,
> and according to the company selling us the firewall we can use LDAP to
> authenticate users.
> Right now as it goes I have to setup the user on the Win2K server, 
> then on
> the email server.   Then in the future im going to have to also add them to
> the firewall.  Remote sites which i will be controlling are going to be the
> same way.  Plus right now we do not have any email address lists since were
> using outlook, well short of the users address book.  So with that in mind
> we wouldnt mind seeing the other important information for the person
> besides there email address like there phone number and etc pull up in
> Outlook.
> Okay with all this in mind, im thinking LDAP is my answer to all of
> these problems.   I should be able to setup everyone in LDAP and then LDAP
> will propogate all this information to the linux box, the firewall, the
> WIN2K server and also let my users query for addresses and information like
> that.  Or maybe I would input the information into Win2K box and the LDAP
> server would pass it around...none the less something has to be in place to
> connect these several different devices on the network, soon to be networks!
> 
> Any ideas would be appreciated.
> 
> Thanks,
> Tom
> 
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

-- 
:::
ICQ: 75132336
http://www.aphroland.org/
http://www.linuxpowered.net/
[EMAIL PROTECTED]



Re: Win2k LDAP and Linux oh my!

2001-02-14 Thread John L . Fjellstad
On Wed, Feb 14, 2001 at 04:55:38PM -0600, Tom Warfield wrote:

The thing to remember is that LDAP is a protocol (the P), not an application.

Try rereading your question, substituting Active Directory for Exchange and
LDAP for smtp and see how much sense the question makes.

AD understands LDAP.

-- 
John__
email: [EMAIL PROTECTED]   Quis custodiet ipsos custodes
icq: thales @ 17755648

#  I'm subscribed to this list, no need to cc:  ##


pgpTFKljZlUyD.pgp
Description: PGP signature