ADAM hosting AD Users

Discussion in 'Active Directory' started by Yared, Sep 24, 2004.

  1. Yared

    Yared Guest

    This is what I'm trying to do:

    I have an application that creates a schema in AD. Since I don't want to
    modify my production AD, I'm hoping to use ADAM. Since my application does
    not support ldap referral chasing I need to be able to get my users that
    exist in my production schema hosted in ADAM somehow. This way, my
    application can create its schema in ADAM and modify whatever it wants there
    and still be able to access my production users without even touching my
    production AD. Does this makes sense?

    Can anybody tell me how I can do this with ADAM?

    Thanks,

    -yared
     
    Yared, Sep 24, 2004
    #1
    1. Advertisements

  2. Yared

    Lee Flight Guest

    Yes it makes sense, how you achieve it will really depend on the type
    of application and how it will deal with the linkage between the AD
    user and their ADAM shadow account. Have a look at the types of
    ADAM user objects that you can create in the ADAM technical reference

    http://www.microsoft.com/downloads/...f7-d932-4f59-852c-2844b343f3e0&displaylang=en

    Unfortunately there is not a lot of material available on this kind of
    ADAM usage scenario outside of a few powerpoint presentations.
    If you look at the options of using either (linked) windows accounts
    or ADAM user proxies in the document above and then
    read Dmitri Gavrilov's posting

    http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=

    you should be off to a good start.

    Hope that helps
    Lee Flight
     
    Lee Flight, Sep 24, 2004
    #2
    1. Advertisements

  3. Yared

    Yared Guest

    Thanks Lee!! You're right, there isn't enough info about ADAM around. I find
    it hard to believe because from its description, it's an incredible product
    and yet nobody seems to know it even exists.

    Quick question, I installed ADAM and tried to do simple ldapsearch form a
    Linux machine but I can't bind using standard ldap parameters. Does it have
    special parameters that I should know about?

    Thanks,

    Yared
     
    Yared, Sep 24, 2004
    #3
  4. Yared

    Lee Flight Guest

    You should be able to do an anonymous bind to the rootDSE
    of your ADAM instance to prove connectivity

    ldapsearch -h [ADAM server name] -p [ADAM server port] -b "" -s base

    beyond that you will need to bind as there is no other anonymous
    access by default, so you will need to get SASL or SSL
    working between your Linux machine and the ADAM server.

    Lee Flight
     
    Lee Flight, Sep 24, 2004
    #4
  5. Yared

    Yared Guest

    That worked. I was getting bind errors because I was not specifying the
    scope. Thanks!!!

     
    Yared, Sep 24, 2004
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.