Re: syncronizing users to 389ds from Azure AD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Will,

Thanks for the below. My next question for 389ds what language would this need to be developed in?

Regards,
Jonathan

-----Original Message-----
From: William Brown <wbrown@xxxxxxx> 
Sent: Friday, 10 July 2020 05:01
To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx
Subject: [389-users] Re: syncronizing users to 389ds from Azure AD



> On 10 Jul 2020, at 11:57, Jonathan Aquilina <jaquilina@xxxxxxxxxxxxx> wrote:
> 
> Hi William,
> 
> This is something I would love to work with the community on and help to develop myself just not sure where I would start.

There are a few ways you could approach it. One way would be an external daemon that runs and feeds data into a seperate 389 topology.

Another way would be a new "replication plugin" in the server so that 389 can consume data from azure AD.

But both of them will need to read data from azure AD and know:

* What have we seen before?
* What's changed?
* How to transform the azure ad entry to something 389 can understand.

So I think the first place to start is knowing what API's azure AD has for external applications to synchronise data from azure AD. (Getting back into azure is another problem of it's own that can be for later).

Maybe these two urls are a starting point. 

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-endpoint-api-v2

OR

https://docs.microsoft.com/en-us/graph/api/resources/synchronization-overview?view=graph-rest-beta

So I think that's where to start. Then you could probably write a toy-demo application that can read from the sync api. Then you can build it out from there to push data to 389. 

Does that help? 





> 
> 
> -----Original Message-----
> From: William Brown <wbrown@xxxxxxx>
> Sent: Friday, 10 July 2020 01:26
> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> Subject: [389-users] Re: syncronizing users to 389ds from Azure AD
> 
> 
> 
>> On 10 Jul 2020, at 02:19, Jonathan Aquilina <jaquilina@xxxxxxxxxxxxx> wrote:
>> 
>> Hi Guys,
>> 
>> I am just wondering is it possible to sync users from Azure AD to a 389ds server?
> 
> I don't know of anyone that has done it today, but that doesn't mean 
> it's not possible. It also depends what Azure AD offers for consuming 
> their data. So I think some work would be needed, but as a project, 
> we'd love to support you and advise in anyway we can if you want to do 
> this (but sadly like anything we don't have time to implement it on 
> your behalf today :( )
> 
>> 
>> Regards,
>> Jonathan Aquilina
>> EagleEyeT
>> 
>> Phone: +356 2033 0099
>> Moblie + 356 7995 7942
>> Email: sales@xxxxxxxxxxxxx
>> Website: https://eagleeyet.net
>> 
>> _______________________________________________
>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To 
>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
>> Fedora Code of Conduct: 
>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>> List Guidelines: 
>> https://fedoraproject.org/wiki/Mailing_list_guidelines
>> List Archives: 
>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap
>> r
>> oject.org
> 
>
> Sincerely,
> 
> William Brown
> 
> Senior Software Engineer, 389 Directory Server SUSE Labs 
> _______________________________________________
> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To 
> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: 
> https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
> oject.org _______________________________________________
> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To 
> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: 
> https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
> oject.org

—
Sincerely,

William Brown

Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux