LDAP users synchronization


i'm looking way synchronize users database between piece of software , ldap directory. i'm thinking of 3 possibilities keep track of specific user :

  • guid : seems ad-specific guess other directories have equivalent unique identifier. can use ldap query (&(objectclass=user)(guid=xxx)) to user.
  • samaccountname : ad-specific , searchable via ldap query
  • path (dn) : should consistent accross different ldap providers. i'm using the system.directoryservices namespace, have do var userentry = new directoryentry(path, username, password); to user

there other possibilities achieve ? reliable way link users database ones ad directory ? impact of these solution in term of performances ?

hi strikebt,

i not expert in active directory.  just suggestion,

there attribute called objectguid. that present on every object. the  objectguid attribute protected cannot altered or removed. when store reference active directory object in external store (for example, database such microsoft® sql server ), the  objectguid value should used. unlike distinguished name or relative distinguished name, can changed, guid never changes.

reference in object identity , uniqueness section.

http://technet.microsoft.com/en-us/library/cc977992.aspx

using ldap user synchronization

http://www.papercut.com.hk/product/papercut-mf/manual/ch-sys-mgmt-user-group-sync.html

anyway, should try, , make sure every property unique primary key.

best of luck!

kristin

we trying better understand customer views on social support experience, participation in interview project appreciated if have time. helping make community forums great place.
click here participate survey.






Visual Studio Languages  ,  .NET Framework  >  Visual C#



Comments

Post a Comment

Popular posts from this blog

Azure DocumentDB Owner resource does not exist

having same error microsoft.azure.documents.documentclientexception: message: {"errors":["owner resource not exist"]} , scenario. when deployed webapp azure , try document docdb throws error. docdb exists in azure , contains document looking for. weird local machine(running vs) works fine. i'm using same settings in azure , local. have , idea this. thanks Microsoft Azure  >  Azure Cosmos DB
Read more

RFC_ERROR_SYSTEM_FAILURE with SAP ECC 6 Unicode

hi all, i using biztalk 2006 r2, microsoft biztalk adapter v2.0 mysap business suite sp1 & sql server 2005 database server. we have developed orchestrations communicating sap version 4.7.   currently sap has been upgraded in ecc 6(unicode) system. i have configured new send port on dev server. orchestration can communicate sap ecc 6.0 (non- unicode) system while trying connect sap ecc 6.0 (unicode) getting error. a message sent adapter "sap" on send port "ecc 6 sendport" uri "sap://as:***.**.***.***/**/***/" suspended.   error details: rfc_error_system_failure   messageid:   {b7dd677e-0ef3-480b-835a-d389f2e24179} is there can configure setting unicode ?   thanks in advance     ajay dabhade problem solved: standard table data types appear not unicode compatible in sap ecc 6.0. make rfcgetfunctiondesc raise error. solution: used other data types scratch in rfcs in sap   ajay dabhad...
Read more

C# System.Data.Common DbCommand and getting Datasets from Oracle

i found no oracle specific forum area, decided post here. getting dataset oracle c# system.data.common library's dbcommand seems tricky task. i using command object in project along dbproviderfactory , dbdataadapter because meant allow use same library multiple database providers, , don't have clutter data access layer of project separate classes accessing each individual database provider. my problem is, stored procedures fetching data oracle require refcursor object added in parameters. however, dbtype library not contain definition object. using "object"-type not work. i have read many places not have add refcursor parameter, endless failed attempts @ running command without refcursor object has brought me conclusion leaving out refcursor object not option when using system.data.common library. here coded example connectionstring purposefully left out.                 dbconnection.ope...
Read more