Password Sync.

[Rob Yung]

Hello all,

We are running Netware 5.1sp5, eDir 6.2, and NDS v10350.13 as our
network backend and NT4 as the frontend. We are contemplating also
running a parallel Active Directory system on some Win2K boxes. Is
there any way to synchronize a password change from eDirectory to AD?
I know about Novell Account Management but that software seems to no
longer be avaliable as a standalone product. Is there any other way
to keep both directory services running synchronized and in parallel
while we slowly migrate users over?

Thanks
Rob

 

[Marcus Holland]

Hi Rob,

How do users change their passwords? The Novell client can be used to set both password at once if required. Otherwise, if you have some in-house tool e.g. web , you can just modify that.

Otherwise I'd recommend you check out Novell's DirXML 1.1a (bundled with Zen3/4) or NSure (DirXML 2). These have password sync agents that do this also. There's also Novell Account Management 3.0, which is a cut down version of DirXML 1.

There's no real way to sync the password back from NetWare (apparently), as it can't be decrypted. It's easier to go the other way AD > eDir, using something like MS Services for NetWare 5.03, which is what I'm planning to do.

We currently use Novell Account Management 2.1 (NDS for NT) which does the bi-directional password sync quite nicely, but NT4's days are numbered, so I'm looking at either MS Services for NetWare short term, and probably NSure as an identity management solution long term.

Hope that helps!

Cheers,

Marcus
________________________________________________________
Marcus Holland, Computer Systems Engineer (MCSE)
IT Services Department, Lincoln University, NZ.
Ext: 8033
Phone: 064-3-3253825
Fax: 064-3-3253865
Mobile: 0274-318-791
Email: (e-mail address removed)
Web: http://www.lincoln.ac.nz/its/profiles/hollam.htm

Non faciendum illigitatus carborendum