Discussion:
Comparing eDirectory and Active Directory.
(too old to reply)
tom
2003-09-19 01:31:26 UTC
Permalink
Hi folks,

I have eDirectory database and Active Directory Database.
Both the Database are feed by peoplesoft in the begining.
But Finally Active Directory will be the last source. So
I need to find available "cn" in eDirectory and compare
with "cn" AD. Then Move new data from eDirectory to
Update AD with the latest changes in ONe Shot. Have
anyone done this kind of stuff. If you guys have done
that please advice me How do I do that in ASP with
LDAP.I want to mape the fields of eDirectory to AD in
XML. ?????

I guess , I hope for Positive reply.

thanks,
TOM
Marc Scheuner [MVP ADSI]
2003-09-19 05:46:20 UTC
Permalink
Post by tom
I have eDirectory database and Active Directory Database.
Both the Database are feed by peoplesoft in the begining.
But Finally Active Directory will be the last source. So
I need to find available "cn" in eDirectory and compare
with "cn" AD. Then Move new data from eDirectory to
Update AD with the latest changes in ONe Shot. Have
anyone done this kind of stuff.
Yes, I was the tech lead on a project to create such a utility :-)

It's called "FastLane NDS Migrator" and it's available from Quest
Software:

http://www.quest.com/fastlane/nds_migrator/

marc

================================================================
Marc Scheuner May The Source Be With You!
Bern, Switzerland m.scheuner(at)inova.ch
Joe Richards [MVP]
2003-09-20 17:03:30 UTC
Permalink
Unless you either don't care much about your data or have a ton of time to develop and test your app thoroughly with the
knowledge level you seem to have about what you are doing now you should really consider getting someone else's product
to do it.
--
Joe Richards
www.joeware.net

--
Marc,
Thanks for reply, But We are not going to use any Third
party software to do that. We have to do manually by
coding into ASP or VB with the help of LDAP and ADSI.
There Approx. 30,000 users that we are going to be
transfer in one Bulk Load so the procedure should be fast
not slow. So You can understand. This is only one time
Process then we are done.
Any advice or little help appreciated.
thanks,
TOM
-----Original Message-----
Post by tom
I have eDirectory database and Active Directory
Database.
Post by tom
Both the Database are feed by peoplesoft in the
begining.
Post by tom
But Finally Active Directory will be the last source. So
I need to find available "cn" in eDirectory and compare
with "cn" AD. Then Move new data from eDirectory to
Update AD with the latest changes in ONe Shot. Have
anyone done this kind of stuff.
Yes, I was the tech lead on a project to create such a
utility :-)
It's called "FastLane NDS Migrator" and it's available
from Quest
http://www.quest.com/fastlane/nds_migrator/
marc
==========================================================
======
Marc Scheuner May The Source Be
With You!
Bern, Switzerland m.scheuner(at)
inova.ch
.
Marc Scheuner [MVP ADSI]
2003-09-22 06:07:06 UTC
Permalink
Thanks for reply, But We are not going to use any Third
party software to do that. We have to do manually by
coding into ASP or VB with the help of LDAP and ADSI.
Well, then good luck - hope you have lots of time! ;-)

Seriously - it involves more than first meets the eye, unless you're
dealing with very simple scenarios.

Some questions you might need to answer:
* how do you "match" between an existing NDS object, and an AD object?
* Does that AD object already exist?
* Will the structure of the users in their OU's be the same on both
sides?

Theoretically, if you can easily match the NDS object to the AD object
(and that exists already), you can do:

* Bind to both the NDS object
(NDS://<tree>/O=Org/OU=OU1/OU=OU2/CN=User Name) and to the AD object
(LDAP://cn=ADUser,ou=AD-OU,dc=yourdomain,dc=org)

* Enumerate the properties in NDS you're interested in and getting
those values one by one

* Settings the appropriate properties on the AD side

* Once you're done, persist the changes in AD and you're done!

That's very simple, really - the devil is in the details (different
data formats, NDS properties that don't exist in AD or that have
different meaning etc.)

Marc

================================================================
Marc Scheuner May The Source Be With You!
Bern, Switzerland m.scheuner(at)inova.ch

Jim Willeke
2003-09-21 00:29:02 UTC
Permalink
We have done and do this "stuff" all the time.
If you can write the logic rules down, we can provide a utiltiy to do it.

If you want it to be fast, ASP is NOT the way to go.

Novell provides a DirXML driver that would be fully operations as an
eval that will do the mappings in XML.

There are several gochas as the two LDAP do not support that same schema
and schema rules.

As an example, AD does not support multiple CNs and eDirectory does.
-jim
Post by tom
Hi folks,
I have eDirectory database and Active Directory Database.
Both the Database are feed by peoplesoft in the begining.
But Finally Active Directory will be the last source. So
I need to find available "cn" in eDirectory and compare
with "cn" AD. Then Move new data from eDirectory to
Update AD with the latest changes in ONe Shot. Have
anyone done this kind of stuff. If you guys have done
that please advice me How do I do that in ASP with
LDAP.I want to mape the fields of eDirectory to AD in
XML. ?????
I guess , I hope for Positive reply.
thanks,
TOM
Continue reading on narkive:
Loading...