LDAP and Active Directory? Together?

Created by Michael Guentzel (University of Texas at Austin) on October 21, 2005

I sat through a very interesting session this afternoon that discussed having LDAP and AD coexist and talk to each other.

Session Details Track 5 Thursday, October 20, 2005 2:20 p.m. - 3:10 p.m. Meeting Room W207C Speaker(s)

* Harold Esche, Chief Information Officer, University of Calgary

* Jeremy Mortis, Manager, Web and Email Services, University of Calgary

* Session convener: Reba C. McMillan, Network Administrator, Boise State University

Abstract Managing identities across multiple systems and platforms is challenging. Learn how the University of Calgary provides unified user authentication and authorization services across the enterprise via an integrated metadirectory built on LDAP and Active Directory.

The guys at University of Calgary are attempting to have all of their authentication occur within a LDAP directory with some synchronization that occurs with Active Directory. McCombs has a similar dilemma and I was able to pick up a few ideas.

It's a little confusing, but basically U of C has set up an identity vault that houses all of your different types of authentication. As long as you log in through their portal, you will be given the appropriate amout of access based on the application. You can log into your UNIX account or your Exchange account using a single Userid and password.

The tricky bit is dealing with the synchronization between LDAP and AD. Apparently it's not possible to simply copy. You need synchronization software.

Something else to mull over...later.

EDUCAUSE_ANNUAL

Mike's blog
Login or register to post comments
6137 reads

		LDAP and Active Directory? Together? Created by Michael Guentzel (University of Texas at Austin) on October 21, 2005 I sat through a very interesting session this afternoon that discussed having LDAP and AD coexist and talk to each other. Session Details Track 5 Thursday, October 20, 2005 2:20 p.m. - 3:10 p.m. Meeting Room W207C Speaker(s) * Harold Esche, Chief Information Officer, University of Calgary * Jeremy Mortis, Manager, Web and Email Services, University of Calgary * Session convener: Reba C. McMillan, Network Administrator, Boise State University Abstract Managing identities across multiple systems and platforms is challenging. Learn how the University of Calgary provides unified user authentication and authorization services across the enterprise via an integrated metadirectory built on LDAP and Active Directory. The guys at University of Calgary are attempting to have all of their authentication occur within a LDAP directory with some synchronization that occurs with Active Directory. McCombs has a similar dilemma and I was able to pick up a few ideas. It's a little confusing, but basically U of C has set up an identity vault that houses all of your different types of authentication. As long as you log in through their portal, you will be given the appropriate amout of access based on the application. You can log into your UNIX account or your Exchange account using a single Userid and password. The tricky bit is dealing with the synchronization between LDAP and AD. Apparently it's not possible to simply copy. You need synchronization software. Something else to mull over...later. EDUCAUSE_ANNUAL Mike's blog Login or register to post comments 6137 reads
		© Copyright 1999-2009 EDUCAUSE Need Help? \| Feedback \| Privacy Policy
	Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.