We are experimenting with Fedora Directory Server and trying to sync it to AD. Setting up SSL for both and initiating sync was successful. However, it seems that DN in AD is constructed from the CN, which is the full name. However, that's neigh impossible, since DN has a unique constraint, but full names are seldom unique, and particularly not here in Iceland. For example, my organization has at least 10 people called "Krist?n J?nsd?ttir". I regard AD as broken by design in this regard. My question is, can this be fixed? What would be the right way to approach this problem? -- El?as Halld?r ?g?stsson | Elias Halldor Agustsson Unix Kerfisstj?ri | Unix Systems Administrator Reiknistofnun H?sk?la ?slands | University of Iceland Computing Services http://elias.rhi.hi.is/ | +354 525 4903
