i'm struggling just with workgroups in FDS, it would sure be nice if there was a samba enable section and some explanations. I see ldapadmin is a ways ahead of the FDS console for user administration, but i'm seeing some problems with that. On 3/10/08, slat3dx slat3dx <slat3dx at gmail.com> wrote: > > Ivan - > > Thanks for the info! > > > On Mon, Mar 10, 2008 at 3:15 PM, Ivan Ferreira <iferreir at personal.com.py> > wrote: > > > Please see also: > > > > Twenty Questions to Ask Yourself During a Red Hat Directory Server > > Deployment by Satish Chetty > > > > www.redhat.com/f/pdf/whitepapers/RHDS_TwentyQuestions.pdf > > > > > > > > > > > > > > > > Para > > > > fedora-directory-users at redhat.co > > m > > "slat3dx slat3dx" > > cc > > <slat3dx at gmail.com> > > Enviado por: > > Asunto > > fedora-directory-users-b Help > > ounces at redhat.com with NIS->FDS & AD migration > > > > Clasificaci?n > > 10/03/2008 05:13 p.m. Uso Interno > > > > > > > > Por favor, responda a > > "General discussion list > > for the Fedora Directory > > server project." > > <fedora-directory-users@ > > redhat.com> > > > > > > > > > > > > > > > > Hello FDS users - > > > > I am learning as I go here so please excuse my ignorance. I have > > scoured > > over the Fedora and Redhat docs for Directory Server and read many > > threads > > from this list archive concerning Active Directory sync. I'm having > > trouble putting all the pieces together and would greatly appreciate > > some > > guidance from people that have already gone through this process :) > > > > I am in the process of migrating from NIS to LDAP. In our environment > > we > > run both Windows and Linux systems. For quite awhile we have been > > maintaining both NIS and Active Directory. Our goal is to move away > > from > > NIS and achieve single sign on for our users. I have installed and > > configured FDS, converted and imported our NIS maps as ldif. This > > worked > > beautifully. > > > > Can I create a sync agreement that only sends passwords from AD->FDS, > > nothing else and no updates from FDS->AD? > > I would like to configure our Linux clients to authenticate to AD with > > kerberos and use FDS as the LDAP server. I understand we need to > > install > > the password sync utility on one of our DC's and that when a user > > changes > > their password in AD the utility will capture it in plaintext and send > > to > > FDS. I also see that FDS and the pass sync have to be configured to > > share > > certificates for the SSL connection between them. > > > > Can the sync utility be restricted to one OU within AD? What access > > within > > AD is required for the utility to run? Domain Admin rights or can > > specific > > rights be delegated? > > > > I would really appreciate some steps for: configuring SSL on the AD and > > FDS > > side. Creating and testing the sync agreement. > > > > Thank you so much for the help!! > > > > Slat3dx > > > > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users at redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > ======================================================================================== > > AVISO LEGAL: Esta informaci?n es privada y confidencial y est? dirigida > > ?nicamente a su destinatario. Si usted no es el destinatario original de > > este mensaje y por este medio pudo acceder a dicha informaci?n por > > favor > > elimine el mensaje. La distribuci?n o copia de este mensaje est? > > estrictamente prohibida. Esta comunicaci?n es s?lo para prop?sitos de > > informaci?n y no debe ser considerada como propuesta, aceptaci?n ni como > > una declaraci?n de voluntad oficial de NUCLEO S.A. La transmisi?n de > > e-mails no garantiza que el correo electr?nico sea seguro o libre de > > error. > > Por consiguiente, no manifestamos que esta informaci?n sea completa o > > precisa. Toda informaci?n est? sujeta a alterarse sin previo aviso. > > > > This information is private and confidential and intended for the > > recipient only. If you are not the intended recipient of this message > > you > > are hereby notified that any review, dissemination, distribution or > > copying of this message is strictly prohibited. This communication is > > for > > information purposes only and shall not be regarded neither as a > > proposal, > > acceptance nor as a statement of will or official statement from NUCLEO > > S.A. . Email transmission cannot be guaranteed to be secure or > > error-free. > > Therefore, we do not represent that this information is complete or > > accurate and it should not be relied upon as such. All information is > > subject to change without notice. > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users at redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20080311/32e1ff1e/attachment.html
