Re: is the AD LDAP interface domain trust aware?
- From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 25 Apr 2005 13:45:16 -0500
This might also be the kind of thing that you could use ADAM and MIIS to
support. Essentially, you build the forest you need for your Windows stuff,
and then for your apps that need a flat namespace, you sync the appropriate
goo to ADAM and do your authentication and authorization against it.
Using the GC first is probably better if it will work as it doesn't require
any of that additional complexity, but I can definitely imagine some
situations where using ADAM would make things much more simple (or even just
"possible").
Joe K.
"Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx> wrote in message
news:O47RQnbSFHA.2136@xxxxxxxxxxxxxxxxxxxxxxx
> Websphere against a multidomain environment can be a pain in the ***, a
> couple of years ago I worked a little with integration analysts at a
> Fortune 5 company trying to do it.
>
> Depending on the information you need to pull, you may be ok as long as
> you only let websphere hit Global Catalogs. Basically the info has to be
> in the GC. If the information is not in the GC, you will need to query a
> DC of the proper domain to get the information needed.
>
> joe
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
>
>
> David Burghgraeve wrote:
>> Hi there,
>>
>> We're thinking out a concept for our company with forests and/or
>> child-domains. We now have a single domain (internationally) for all of
>> our client infrastructure needs. As we also incorporated our Linux
>> Websphere Java Applications in this same Active Directory Domain
>> (Windows2003 NATIVE mode) with Authentication and authorisation through
>> LDAP,
>> we're now heading to a situation that our company growth & complexity
>> doesn't match our "one domain security" setup anymore.
>>
>> If I create a new domain beside or as a child domain (transitive trusts),
>> can I use LDAP query's on this 2 domain situation on one domain
>> controller (as LDAP config cannot choose it's LDAP server, is a fixed
>> security config)
.
- Follow-Ups:
- Re: is the AD LDAP interface domain trust aware?
- From: Joe Richards [MVP]
- Re: is the AD LDAP interface domain trust aware?
- References:
- is the AD LDAP interface domain trust aware?
- From: David Burghgraeve
- Re: is the AD LDAP interface domain trust aware?
- From: Joe Richards [MVP]
- is the AD LDAP interface domain trust aware?
- Prev by Date: Re: HELP - Must Remove AD but can only access DSRMode!
- Next by Date: RE: HELP - Must Remove AD but can only access DSRMode!
- Previous by thread: Re: is the AD LDAP interface domain trust aware?
- Next by thread: Re: is the AD LDAP interface domain trust aware?
- Index(es):
Loading
