Quote from an online article I was reading:...
"Active Directory is based on standard directory access protocols (such as
Lightweight Directory Access Protocol or LDAP)-which means it can
interoperate with other directory services employing these protocols"
Linux supports LDAP, so would it be possible to use Windows LDAP
functionality in Linux (for things like authentication). I'm more interested
in links to docs that might explain how to go about doing that.
TIA.
Kind Regards,
--
Tanuj Shah (ts86)
ta...@ts86.net
> Hi all,
>
> Quote from an online article I was reading:...
>
> "Active Directory is based on standard directory access protocols (such
> as Lightweight Directory Access Protocol or LDAP)-which means it can
> interoperate with other directory services employing these protocols"
>
> Linux supports LDAP, so would it be possible to use Windows LDAP
> functionality in Linux (for things like authentication). I'm more
> interested in links to docs that might explain how to go about doing
> that.
M$ found a tiny point in the LDAP spec which allows a 'vendor-specific'
field, and they built their entire architecture into that field. So yes,
on the wire it looks like LDAP, but not as anyone else would recognise it.
If you want to know what goes into that vendor-specific field you will
have to pay M$ tens of thousands of dollars and sign a non-disclosure form.
There has been much unpleasantness among LDAP developers over this, and I
believe that loophole has been closed in the latest version of the spec.
--
Dave Pickles
Well, Well What a surprise !!
Dave
> M$ found a tiny point in the LDAP spec which allows a 'vendor-specific'
> field, and they built their entire architecture into that field. So yes,
> on the wire it looks like LDAP, but not as anyone else would recognise it.
I'm stunned. Not. What next? Writing entire pages for internet explorer v.7
inside <!-- and --> ? I'm having nightmare visions about IPv6 already...
> If you want to know what goes into that vendor-specific field you will
> have to pay M$ tens of thousands of dollars and sign a non-disclosure
> form.
Is there any likelyhood that someone will do with this what the samba team
did with SMB? I'm sure that by the time they do, M$ will have moved the
goalposts again.
alexd
> M$ found a tiny point in the LDAP spec which allows a 'vendor-specific'
> field, and they built their entire architecture into that field. So yes,
> on the wire it looks like LDAP, but not as anyone else would recognise it.
Maybe someone should check every protocol, considering
this isn't the first time Microsoft have done this
kind of thing...
--
Mark Evans
St. Peter's CofE High School
Phone: +44 1392 204764 X109
Fax: +44 1392 204763