NTLM LDAP synchronization
James McDonald
Tue Feb 22 07:49:22 PST 2005
Chong Yu Meng wrote:
> Hi all,
>
> I was presented with an interesting problem today:
>
> I have a Windows NT server that contains the user login IDs and
> passwords. I need to extract or somehow synchronize the existing user
> IDs and passwords with an external LDAP directory. I Googled around and
> the best I could come up with was a HOWTO for installing LDAP and Samba
> and getting both synchronized. The problem is that this HOWTO assumes
> that there are no existing users and we are starting with a clean slate.
> This is not the case I am facing now, where there are live users on the
> NT server.
>
> One way I can think of is cracking each password and adding them into
> the LDAP, but besides the potential legal and ethical issues, this
> manual method will break down when users change their passwords.
>
> Novell has a solution for this called DirXML, but the solution I need to
> come up with should be free, hopefully Open Source and not be from
> dubious sources.
>
> Does anyone know of an existing extraction or synchronization tool?
>
> Thanks in Advance!

What it sounds like you are after is a single sign-on solution, and that
sounds like the province of people that charge for their services and IP.

winbindd could handle the NT user/password enumeration, but as far as
interfacing it with LDAP I don't know of any OSS glue for that...

You would need some sort of authentication redirector to let the LDAP
server know when it has to hand the task to winbindd/NT... which sounds
like code to me.