Chapter 19. Synchronizing Red Hat Directory Server with Microsoft Active Directory
460
Directory Server
Active Directory
ntUserProfile
profilePath
ntUserParms
userParameters
ntUserWorkstations
userWorkstations
Table 19.1. User Schema Mapped between Directory Server and Active Directory
cn
physicalDeliveryOfficeName
description
postOfficeBox
destinationIndicator
postalAddress
facsimileTelephoneNumber
postalCode
givenName
registeredAddress
homePhone
sn
homePostalAddress
st
initials
street
l
telephoneNumber
teletexTerminalIdentifier
manager
telexNumber
mobile
title
o
userCertificate
ou
x121Address
pager
Table 19.2. User Schema That Are the Same in Directory Server and Windows Servers
19.3.2. Synchronizing Groups
All existing Windows groups are synchronized to the Directory Server during the first total update
(when synchronization first begins). When a new Windows group is created, a corresponding entry is
automatically created on the peer Directory Server if that option is selected in the sync agreement.
Similar to user entries, Directory Server group entries are synchronized if they have the
ntGroup
object class.
Like with Directory Server entries, there are two attributes that control creation and deletion of entries
in Active Directory,
ntGroupCreateNewAccount
and
ntGroupDeleteAccount
.
Additionally, groups have the following two attributes:
•
ntUniqueId.
This contains the value of the
objectGUID
attribute for the corresponding Windows
entry. This attribute is set by the synchronization process and should not be set or modified
manually.
•
ntGroupType.
This is set automatically for Windows groups that are synchronized over, but this
attribute must be set manually on Directory Server entries before they will be synched.
The membership of groups is synchronized with the constraint that only those members that are also
within the scope of the agreement are propagated. Group members that are not within the scope of
the agreement are left unchanged on both sides.
Содержание DIRECTORY SERVER 8.0
Страница 18: ...xviii ...
Страница 29: ...Configuring the Directory Manager 11 6 Enter the new password and confirm it 7 Click Save ...
Страница 30: ...12 ...
Страница 112: ...94 ...
Страница 128: ...110 ...
Страница 190: ...Chapter 6 Managing Access Control 172 4 Click New to open the Access Control Editor ...
Страница 224: ...206 ...
Страница 324: ...306 ...
Страница 334: ...316 ...
Страница 358: ...340 ...
Страница 410: ...392 ...
Страница 420: ...402 ...
Страница 444: ...426 ...
Страница 454: ...436 ...
Страница 464: ...446 ...
Страница 484: ...466 ...
Страница 512: ...494 ...
Страница 522: ...504 ...