ldap_integration
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
| ldap_integration [2009/08/20 09:31] – 172.26.0.166 | ldap_integration [2009/08/20 09:40] – 172.26.0.166 | ||
|---|---|---|---|
| Line 21: | Line 21: | ||
| long time.</ | long time.</ | ||
| ==== Domain controller vs. Global catalog ==== | ==== Domain controller vs. Global catalog ==== | ||
| + | As ILRI has many AD domains and our users could be coming from anywhere, we need to query a server running the global catalog service instead of a normal domain controller. | ||
| < | < | ||
| on the standard LDAP port 389. However, domain controllers (including Global Catalog Servers) respond to LDAP | on the standard LDAP port 389. However, domain controllers (including Global Catalog Servers) respond to LDAP | ||
| Line 27: | Line 28: | ||
| requests on port 3268, Microsoft' | requests on port 3268, Microsoft' | ||
| with AD information from the entire AD forest. In multi-domain AD environments, | with AD information from the entire AD forest. In multi-domain AD environments, | ||
| + | ILRI Kenya has three Active Directory servers, and from what I can tell two of them run a global catalog: | ||
| + | * 172.26.0.218 <- running a global catalog (port 3268) | ||
| + | * 172.26.0.219 | ||
| + | * 172.26.0.220 <- running a global catalog (port 3268) | ||
| ===== pam_cgiar_ldap.c ===== | ===== pam_cgiar_ldap.c ===== | ||
ldap_integration.txt · Last modified: 2012/02/06 08:43 by aorth