How to sync LDAP and AD? Please help!



Hi all,

I have a Linux server which provides LDAP directory services, and I need to
install a Citrix Metaframe server too, but I'm required to authenticate
against the LDAP database instead of hardcoded user accounts created on the
Citrix server.

I talked to a few people and it seems the best answer would be to have a DC
and replicate all LDAP user accounts in AD.

Can anyone help me do this?

Thanks in advance.


Herb Martin

You will probably do better with this question
in one of the programmer's -- maybe crossposting
here as well.

You are probably going to be writing something;
Perl has good LDAP libraries.....

Joe Richards [MVP]

There are several products that will do this such as LDSU, MIIS, and others but
from the adjectives used in the post (*a* linux server, *a* citrix server) I am
wondering if this person is going to be willing to spends thousand or tens of
thousands for a product when he probably only needs a basic LDAP sync that could
be a basic perl script.



Your're right Joe.

I've been told I can install Samba on the Linux server and set it up to use
the backend LDAP directory, and that way the Citrix server would see the
users and groups as if it was coming from a NT4 PDC.

What do you think? It would certainly put less stress on the Citrix server
since I wouldn't have to promote it to a DC...


Joe Richards [MVP]

That is definitely an option. However a Windows 2000 or better DC offers a great
deal of capability in the way of group policies and such for managing things.

Definitely test it well in your lab environment to make sure it works as expected.


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question