Designing Synchronization; Windows Synchronization Overview - Red Hat DIRECTORY SERVER 8.1 - DEPLOYMENT Deployment Manual

Chapter 7.

Designing Synchronization

An important factor to consider while conducting the site survey for an existing site
(Section 2.3, "Performing a Site Survey") is to include the structure and data types of
Active Directory directory services. Through Windows Sync, an existing Windows directory
service can be synchronized and integrated with the Directory Server, including creating,
modifying, and deleting Windows accounts on the Directory Server or, conversely, the
Directory Server accounts on Windows. This provides an efficient and effective way to
maintain directory information integrity across directory services.

7.1. Windows Synchronization Overview

The synchronization process is analogous to the replication process: it is enabled by a plug-in and
configured and initiated through a synchronization agreement, and a record of directory changes is
maintained and updates are sent according to that log.

There are two parts to the complete Windows Synchronization process:

• User and Group Sync. As with multi-master replication, user and group entries are synchronized
through a plug-in, which is enabled by default. The same changelog that is used for multi-master
replication is also used to send updates from the Directory Server to the Windows synchronization
peer server as an LDAP operation. The server also performs LDAP search operations against its
Windows server to synchronize changes made to Windows entries to the corresponding Directory
Server entry.
• Password Sync. This application captures password changes for Windows users and relays those
changes back to the Directory Server over LDAPS. It must be installed on the Active Directory
machine.

7.1.1. Synchronization Agreements

Synchronization is configured and controlled by one or more synchronization agreements. These
are similar in purpose to replication agreements and contain a similar set of information, including
the hostname and port number for the Windows server and the subtrees being synchronized. The
Directory Server connects to its peer Windows server via LDAP or LDAP over SSL to both send and
receive updates.
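
Because an agreement may use either plain LDAP or LDAP over SSL, it is worth checking which transport each one is configured with. The following is an added example, not part of the Red Hat manual: it parses sync agreements exported as LDIF and flags any that send updates in cleartext. The attribute names are the standard Directory Server agreement attributes, which this page does not list; the hostnames, suffixes and agreement names are constructed.

```python
# Constructed sample: two sync agreements as exported from cn=config (not from the manual).
SAMPLE_LDIF = """\
dn: cn=ADSync1,cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config
objectClass: nsDSWindowsReplicationAgreement
cn: ADSync1
nsDS5ReplicaHost: ad1.example.com
nsDS5ReplicaPort: 389
nsDS5ReplicaTransportInfo: LDAP
nsds7WindowsReplicaSubtree: cn=Users,dc=ad,dc=example,dc=com
nsds7DirectoryReplicaSubtree: ou=People,dc=example,dc=com

dn: cn=ADSync2,cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config
objectClass: nsDSWindowsReplicationAgreement
cn: ADSync2
nsDS5ReplicaHost: ad2.example.com
nsDS5ReplicaPort: 636
nsDS5ReplicaTransportInfo: SSL
nsds7WindowsReplicaSubtree: cn=Users,dc=ad,dc=example,dc=com
nsds7DirectoryReplicaSubtree: ou=People,dc=example,dc=com
"""

def parse_ldif(text):
    """Return one dict per entry, mapping lowercased attribute -> list of values."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        # A line starting with one space continues the previous line (LDIF folding).
        for line in block.replace("\n ", "").splitlines():
            attr, sep, value = line.partition(":")
            if sep and not line.startswith("#"):
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def audit_agreements(text):
    """Flag Windows sync agreements with cleartext transport or a missing subtree."""
    findings = []
    for e in parse_ldif(text):
        classes = [c.lower() for c in e.get("objectclass", [])]
        if "nsdswindowsreplicationagreement" not in classes:
            continue
        name = e.get("cn", ["?"])[0]
        host = e.get("nsds5replicahost", ["?"])[0]
        port = e.get("nsds5replicaport", ["?"])[0]
        # Assumption: an agreement with no transport attribute uses plain LDAP.
        transport = e.get("nsds5replicatransportinfo", ["LDAP"])[0].upper()
        if transport not in ("SSL", "TLS"):
            findings.append((name, f"cleartext {transport} to {host}:{port}"))
        for attr in ("nsds7windowsreplicasubtree", "nsds7directoryreplicasubtree"):
            if attr not in e:
                findings.append((name, f"missing {attr}"))
    return findings
```

Base64-encoded values (`attr:: value`) are not decoded by this parser, which is sufficient for the attributes checked here.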