ldap_integration
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
ldap_integration [2009/08/20 09:31] – 172.26.0.166 | ldap_integration [2009/08/20 09:40] – 172.26.0.166 | ||
---|---|---|---|
Line 21: | Line 21: | ||
long time.</ | long time.</ | ||
==== Domain controller vs. Global catalog ==== | ==== Domain controller vs. Global catalog ==== | ||
+ | As ILRI has many AD domains and our users could be coming from anywhere, we need to query a server running the global catalog service instead of a normal domain controller. | ||
< | < | ||
on the standard LDAP port 389. However, domain controllers (including Global Catalog Servers) respond to LDAP | on the standard LDAP port 389. However, domain controllers (including Global Catalog Servers) respond to LDAP | ||
Line 27: | Line 28: | ||
requests on port 3268, Microsoft' | requests on port 3268, Microsoft' | ||
with AD information from the entire AD forest. In multi-domain AD environments, | with AD information from the entire AD forest. In multi-domain AD environments, | ||
+ | ILRI Kenya has three Active Directory servers, and from what I can tell two of them run a global catalog: | ||
+ | * 172.26.0.218 <- running a global catalog (port 3268) | ||
+ | * 172.26.0.219 | ||
+ | * 172.26.0.220 <- running a global catalog (port 3268) | ||
===== pam_cgiar_ldap.c ===== | ===== pam_cgiar_ldap.c ===== |
ldap_integration.txt · Last modified: 2012/02/06 08:43 by aorth