Results 1 to 3 of 3

Thread: Active Directory to ADAM Sync Password question

  1. #1
    Join Date
    Jun 2008
    Location
    Kansas
    Posts
    1

    Active Directory to ADAM Sync Password question

    I was following this topic and wanted to ask if any one here have specific experience with ADAM and manageing users which are of the user objectClass. I am a computer programmer and maintain a php application (SSO) that communicates with ADAM thru LDAP. I have successfully set up my ADAM (AD LDS) instance on Windows Server 2003 and do use ADAMSync to sync user accounts from AD into ADAM with no real issues.

    I have setup a bind-user which is a userProxy object which successfully supports a simple bind (redirection to AD) providing Readers role access to ADAM via LDAP port 389. What I am doing is designing a LDAP SSO solution to support an AD/ADAM backend. This will afford me a simpe method to authenticate my users via a PHP application against Active Directory. I do have scheduled tasks configured and scripts written which help populate my ADAM instance with AD user accounts.

    My issue here is getting user passwords to Sync from AD -> ADAM for each distinguishedName (simple user account). When I used ADSIEdit to set the users password in ADAM my PHP application will authenticate via LDAP and pull the sAMAccountName and password for simple authentication. The main issue I am having is getting those passwords (userPassword) which is defined in AD to successfully Sync with ADAM for each user object class that is enabled in AD.

    Any help would be simply appreciated as I am fairly new to how AD stores user account password info. I have made note that the userPassword attribute is available but not set in ADAM. Is it possible to modify the ADAMSync.xml to sync passwords for each AD user instance in ADAM? If not how can I get those user passwords from AD into ADAM.

    Thanks in advance!!

  2. #2
    Join Date
    Feb 2006
    Posts
    335

    Re: Active Directory to ADAM Sync Password question

    I dont think you can read passwords out of AD or sync them with ADAMSync. But I cant understand something as bind proxy objects are designed specifically so that you can have an object in ADAM to do a simple bind on and have the actual authentication be performed directly against AD, thus eliminating the need to sync the password in the first place.

  3. #3
    Join Date
    Dec 2005
    Posts
    945

    Re: Active Directory to ADAM Sync Password question

    Incase you would like to synchronize objects from AD to ASAM and also would like to synchronize passwords then you can deploy IIFP and PCNS that will do exactly what you need to do.

Similar Threads

  1. Active directory backup / restore question
    By Bhuvan in forum Active Directory
    Replies: 1
    Last Post: 11-05-2011, 01:10 AM
  2. active-directory - ADAM
    By DataPowerUser in forum Windows Software
    Replies: 1
    Last Post: 01-05-2011, 11:39 AM
  3. Does Live meeting need active directory sync
    By Puloma in forum Windows Software
    Replies: 3
    Last Post: 13-10-2010, 06:05 AM
  4. Active directory groups refresh question
    By Mark Clark in forum Active Directory
    Replies: 8
    Last Post: 19-03-2008, 06:59 PM
  5. Sync Active Directory with openldap
    By Vera Noest in forum Active Directory
    Replies: 2
    Last Post: 28-05-2007, 07:41 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,710,847,890.33682 seconds with 17 queries