Re: [Lam-public] Local Copy of AD Forests
Brought to you by:
gruberroland
From: Roland G. <po...@ro...> - 2024-03-21 06:52:04
|
Hi Mark, can you provide more details what you mean with "I want the LDAP databases for both forests on the Ubuntu host"? Do you just want to manage them from one central system? In this case, LAM is a good fit. You can create a server profile for each forest and manage all of them with one LAM instance. Best regards Roland Am 20.03.24 um 20:41 schrieb Mark Sigsbee: > I'm not a Unix expert, I'm the AD guy. I have no clue what tool you are referring to. > > Can you make a recommendation? > > Mark R. Sigsbee, CISSP > > > > SUNet PKI Support Team > > Mark@ZTISolutions.com<mailto:Mark@ZTISolutions.com> > > (301)509-7592 (cell) > > > > [cid:11ffa6ef-57a0-4260-8b6d-8bc96f25c5e0] > > > > ________________________________ > From: Roland Gruber <po...@ro...> > Sent: Wednesday, March 20, 2024 2:36 PM > To: lam...@li... <lam...@li...> > Subject: Re: [Lam-public] Local Copy of AD Forests > > Hi Mark, > > LAM is a GUI to manage LDAP entries. The place where these are stored is > totally up to the LDAP server. If you need to sync data between LDAP > servers then you will also need an additional tool. > > > Best regards > Roland > > > Am 20.03.24 um 13:31 schrieb Mark Sigsbee: >> Design: >> >> 1. >> Ubuntu 20 LTS with LAM, LDAP. >> 2. >> DC/Contoso.local server Forest with many servers >> 3. >> DC/LitWareInc.local server Forest with many servers >> 4. >> IdP - Server farm for authentication >> 5. >> AWS Cloud >> 6. >> Azure Cloud >> >> I have successfully connected LAM to both DC's and can see the tree view. All is good. >> >> For security reasons I do not want to expose the DC's to external sources. I want the LDAP databases for both forests on the Ubuntu host. Does your tool make that happen? The IdP should only point to the LDAP server to verify authentication. The LDAP server should be getting near realtime updates of the AD changes. Ultimately I have probably 100 AD forests I need to integrate into this. >> >> >> Mark R. Sigsbee, CISSP >> >> >> >> SUNet PKI Support Team >> >> Mark@ZTISolutions.com<mailto:Mark@ZTISolutions.com> >> >> (301)509-7592 (cell) >> >> >> >> [cid:2b613cae-9b8b-4cbe-a232-1a91589eec32] >> >> >> >> >> >> _______________________________________________ >> Lam-public mailing list >> Lam...@li... >> https://lists.sourceforge.net/lists/listinfo/lam-public > > > _______________________________________________ > Lam-public mailing list > Lam...@li... > https://lists.sourceforge.net/lists/listinfo/lam-public > |