Hi,
our FDS contains a NIS-like structure of user accounts, Unix groups,
netgroups, mail aliases and sudoers entries. We manage everything in
Unix/Linux, using command-line tools and web pages that update the FDS and
NIS database files (generated from the LDAP server). We are not ready to
abandon NIS yet, hence this integration between LDAP and NIS.
We also use Active Directory, which has identical users and their
passwords in the AD format (I don't know what it is yet). Our problem is
that the users need to update the passwords twice, first in Linux/Unix and
then in Windows. This is a slight hassle for the users that we'd like to
remove. Also when a new account is created, it is first created in
Unix/Linux and then in Windows.
I read about the WindowsSync and PassSync, but I'm bit hesitant to add all
the "nt*" attributes to our schema, because all we want is to syncronize
the user names and passwords from FDS to AD. The passwords are stored in
{crypt} format in FDS. Any ideas how this could be done? Should I add
another attribute for the AD password?
Thank you,
Ville
