Re: ADAM woes
- From: "Lars W. Andersen" <larswandersen@xxxxxxxxxxxxxxxx>
- Date: Mon, 14 Aug 2006 10:06:42 +0200
"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message news:eDkZ50xvGHA.724@xxxxxxxxxxxxxxxxxxxxxxx
I'm pretty sure you can supply credentials to ADAMSync in order to access
AD. The domain membership thing makes it convenient, but I don't think it
is necessary. Unfortunately, I'm not an ADAMSync expert, so I don't know
exactly how to do it. :)
Ok thanks .. I'll google around for that then.
I think the approach you are taking (with a local ADAM instance) could
work fine, as long as you are doing mostly LDAP stuff against AD and know
where they differ.
I'm not sure if I'd use ADAMSync in your case, though. I think you mght
be better off building up an LDIF script based on a dump of fixed AD data
so that you can quickly bring up an ADAM instance into a know state and
then just leave it alone. The LDIF script gives you a text-based file you
can stick in source control so that when you bring on new devs, you can
easily give them the same test bed ADAM instance. I'm thinking of more of
a database continuous integration-type of approach, except using ADAM/LDAP
as the data store instead of SQL. :)
good point .. I'll look into that as well. Just liked the idea of sync as
we might do some changes to the test AD and a Sync would save me from
updating 5-6 developers machines in case of changes to the test AD.
You can definitely supply credentials to LDIF in order to pull the data
down from AD using the appropriate command line parameters.
If you tell us a little more about what you are doing, we might be able to
provide some other tips as well. If you are doing .NET stuff (far-fetched
in your organization, but you never know :)), you might get some mileage
out of my book too.
Hehe ... good tips all around .. I'll look into them'
All I'm trying is basically to get the test AD setup down on my laptop, to
save me from having to go to another machine to test the
authentication/authorisations stuff.
Thanks Joe.
Lars
HTH,
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Lars W. Andersen" <larswandersen@xxxxxxxxxxxxxxxx> wrote in message
news:e3yaHSxvGHA.2232@xxxxxxxxxxxxxxxxxxxxxxx
"Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx> wrote in message
news:%23W86pAxvGHA.416@xxxxxxxxxxxxxxxxxxxxxxx
Not that I think you're going down the right path, but what you're
asking (in my words) is if you should be able to sync the AD to ADAM
with adamsync, correct?
Hi Al,
I hear you ... and even though I am working for what is the largest IT
service provider in the world (take a guess) having a development machine
that is part of an AD ( a competitors product) is not an option. Far-out
when we actually need it as we have customers requiring MS solutiong, but
sadlye true. Believe me ... us being a MS shop in an anti-MS organisation
have tried almost everything. Next time i reinstall my laptop I have
sworn that I'm gonna install a W2K3 server and create my own ad ... if
nothing else .. out of spite =8-)
Virtualization is an option- but I was looing for something simple and
quicker for now.
. You must have Read or Dirsync access to the objects or partitionsThe user I have on the AD is enterprise admin. That ought to do the trick
in the Active Directory forest that you want to synchronize.
:)
. You must have full control of an application directory partitionI own that as well.
on an ADAM instance to run this command.
You should have that via your AD account rights, however you'll run into
an issue by not being part of the domain with these workstations because
the account you want to use for AD won't be known for the local
instance.
Is that just simply not possible? Or is it possible to "breach" the DC
security to let me do this?
Another possible way around that would be to install adam on another of
the servers on the domain ... sync the ad to that adam and then copy the
adam to my local workgroup machine and restore it there?
.
- References:
- ADAM woes
- From: Lars W. Andersen
- Re: ADAM woes
- From: Al Mulnick
- Re: ADAM woes
- From: Lars W. Andersen
- Re: ADAM woes
- From: Joe Kaplan \(MVP - ADSI\)
- ADAM woes
- Prev by Date: Re: ADAM woes
- Next by Date: 80072035 when add user to group
- Previous by thread: Re: ADAM woes
- Next by thread: Re: ACLs have changed
- Index(es):
Relevant Pages
|
Loading
