Synchronizing Active Directory from Novell LDAP - active-directory

Is there any tool which copies the structure (all ou's, all cn's) from Novell LDAP to Active Directory?

export all data from the source directory server into an LDIF file and then import the resulting LDIF file into the destination directory
or
use the ldapsearch tool to retrieve the desired entries from the source directory server and deposit those into an LDIF file, then import the resulting LDIF file into the destination server
or
use the ldapsearch tool to retrieve the desired entries from the source directory server and input the results directly in the ldapmodify tool
or
write a tool using the UnboundID LDAP SDK to retrieve the desired entries from the source and then add them to the destination
or
use a commercial LDAP synchronization tool
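
An added example (not part of the original answers) for the LDIF export/import route above: an export from the source directory usually cannot be imported unchanged, so this script rebases the DNs, orders parents before children, and drops password and server-generated attributes before the file goes anywhere near the destination. The base DNs `o=acme` and `dc=corp,dc=example`, the sample entries, and the choice to copy only OUs are assumptions made for illustration.

```python
import re

# Constructed sample of an LDIF export from the source directory (not real data).
SAMPLE = """\
dn: ou=Sales,ou=Staff,o=acme
objectClass: organizationalUnit
objectClass: ndsLoginProperties
ou: Sales
userPassword: {SSHA}constructed-placeholder

dn: ou=Staff,o=acme
objectClass: organizationalUnit
ou: Staff
description: Staff
  accounts

dn: cn=jdoe,ou=Sales,ou=Staff,o=acme
objectClass: inetOrgPerson
"""

# Never carried over: secrets, and values the target server generates itself.
DROP = {"userpassword", "creatorsname", "modifiersname", "createtimestamp",
        "modifytimestamp", "guid", "objectguid", "objectsid"}
KEEP_CLASSES = {"organizationalunit"}  # assumption: only the OU tree is copied

def parse(ldif):
    """Yield (dn, [(attr, sep, value)]) per entry, unfolding folded lines."""
    for block in re.split(r"\n\s*\n", ldif.replace("\n ", "").strip()):
        rows = [re.match(r"([^:]+)(::?)\s*(.*)", l).groups()
                for l in block.splitlines() if ":" in l and not l.startswith("#")]
        if rows and rows[0][0].lower() == "dn" and rows[0][1] == ":":
            yield rows[0][2], rows[1:]  # header blocks and base64 DNs are skipped

def convert(ldif, src_base, dst_base):
    """LDIF for the target: DNs rebased, parents first, unsafe attributes removed."""
    out = []
    for dn, rows in parse(ldif):
        classes = {v.lower() for a, _, v in rows if a.lower() == "objectclass"}
        if not dn.lower().endswith("," + src_base.lower()) or not classes & KEEP_CLASSES:
            continue  # outside the subtree, or not an object type being copied
        lines = ["dn: " + dn[:-len(src_base)] + dst_base, "changetype: add"]
        lines += [f"{a}{s} {v}" for a, s, v in rows if a.lower() not in DROP
                  and (a.lower() != "objectclass" or v.lower() in KEEP_CLASSES)]
        out.append(lines)
    out.sort(key=lambda e: e[0].count(","))  # a parent DN has fewer RDNs than its child
    return "\n\n".join("\n".join(e) for e in out) + "\n"

if __name__ == "__main__":
    print(convert(SAMPLE, "o=acme", "dc=corp,dc=example"))
```

Because the password attribute is removed during conversion, the file handed to the import step carries no credential material; the raw export still does and should be stored and deleted accordingly.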

If this is a one-time LDIF export and import of the OU structure, using Apache Directory Studio would be way easier than Identity Management (IDM). IDM is not easy to set up. Also, the IDM Active Directory driver out of the box is not designed to sync OUs. You would have to create a custom IDM LDAP driver. This is a lot of work and doesn't make sense unless the OU tree you are importing is changing constantly.

There are a few key tools that one can use:
Import Conversion Export Utility (ICE) from Novell iManager - this is a web-based tool that will allow you to export the entire structure in LDIF format with very little fuss. The following link will give more details on it. http://www.novell.com/documentation/edir873/?page=/documentation/edir873/edir873/data/a5hgmnu.html
The other way is to use the command line ICE tool as well - you can use it if you are more comfortable with using Bash.
http://www.novell.com/documentation/edir873/edir873/data/a5hgmnu.html#a5hgn0b
Using a command line utility like ldapsearch - I have found it to be very effective, so I will rate this very highly if you want to automate your LDAP extraction process. Bear in mind that the ldapsearch utility differs on each flavour of UNIX, so some of the command line options (e.g. ldapsearch -H or -y flag) will not work on Linux (e.g. RHEL) but may work on SUSE / Solaris / AIX. I have experienced this myself, so just thought of warning you about the same (I tried moving from SUSE to RHEL but got stuck in this trap).
Using a command line utility (Windows) called ldp.exe - this is another open source Windows command line utility that allows one to write a simple PowerShell script to perform an LDAP search - useful if you have a Windows-based workstation (I ran it on my own PC). See the link below for more details: https://technet.microsoft.com/en-us/library/cc771022%28v=ws.11%29.aspx
Use an open source LDAP browser such as Apache Directory Studio / Gawor's LDAP Browser, which will help export data into CSV / Excel format. The only drawback with this tool is that heavy-duty searches can sometimes lead to the system being slowed down; for that, the other alternative is using a lightweight LDAP browser like Jerek Gawor's LDAP utility. http://www.novell.com/coolsolutions/tools/13765.html will give more details. I have used this tool (Gawor's LDAP tool) for large queries as well and it's been giving results very quickly.
Having used each of the options over the last 5 years, I will recommend using either ldapsearch (for UNIX) or ldp.exe (for the Windows command line) if you are looking to automate this; or Gawor's LDAP browser / Apache Directory Studio as potential alternatives if you want to generate standalone extracts.

Novell has a product (now under the NetIQ Product line) called Identity Manager, which can synchronize objects (any object allowed in schema) from eDirectory to many other systems, Active Directory included. If you have Universal Passwords enabled in eDirectory you can even send the passwords.
This is meant to be used as an Identity Management system, where you can have HR provision users into a central eDirectory instance (as a hub) and then push that data out to all connected systems that meet the criteria you define.
It supports Roles Based Access Control, so that perhaps only people who fall into certain roles get provisioned into certain systems and the like.
Very powerful, and reasonably easy to set up. There is a free bundle edition included with many of the Novell/NetIQ products if you own them.

Related

how to deploy only excel and word through domain server 2012r2

On my domain server 2012r2 I am trying to deploy Office 2007, but not all of Office; I need to install only Excel and Word.
I found an .msi file within the DVD installation and found many .msi packages
called ExcelMUI.msi and WordMUI.msi at directory
...\English\Excel.en-us\ExcelMUI.msi
...\English\Excel.en-us\WordMUI.msi
can I use them to deploy only excel and word through domain server 2012r2?
are they valid as .msi packages installer ?
Best Guess: I wonder if those MUI-setups are Multilingual User Interface setups. I think you should get on a virtual machine and try to run the setup.exe instead (if there is one) and then go to "Custom" or equivalent to see if you get a feature selection dialog. Then you should select Word and Excel to install fully and you can disable most other features (don't disable the shared features, just the other apps would be my suggestion - Outlook, PowerPoint, etc...). It is possible that those MSI files you mention can be used directly. You could try to run them - but only on a virtual of course. Or on a computer which does not matter - test computer of some sort. Look for a custom option and a feature dialog there too. Sorry, all I can suggest without installation media access.
Sure?: With all that said, Office on a domain server? Do you mean domain controller? (hope not). Sounds like a very dangerous move if you ask me - with all the security holes Office contains. At least make sure to run Windows Update or Office Update or whatever mechanism you have to deploy security fixes. Can I be curious and ask why the server needs Office? Is it for automation only?
Viewer for MSI Files: You can open and inspect MSI files using the free tools Orca, SuperOrca or InstEd (links towards bottom). I have an old answer on superuser showing how MSI features can be seen inside the MSI file.

Troubling to specify parameter files with oracle database into c directory

Currently I just switched to Oracle database from MySQL, now as I read freaky docs from here.
It says you must specify a parameter file, but I am not able to do that.
I mean I'm unable to find Oracle_home and I'm using Windows 8, so it does not allow me to create any sort of files in the C:\ directory. Please guide me as well on how to do the setup with Oracle database.
Help would be appreciated!
If you install an OFA-compliant database, using Oracle Universal Installer defaults, then Oracle home (known as ORACLE_HOME in this guide) is located beneath ORACLE_BASE. It contains subdirectories for Oracle Database software executables and network files.
ORACLE_BASE-/u01/app/oracle/product/11.2.0/dbhome_1
with subdirectories like:
bin,
rdbms,
sqlplus,
etc

Copying users between AD-LDS (ADAMish) instances

I have set up an instance of AD-LDS as in here
http://www.thegeekispeak.com/archives/28
and connected to it with Softerra LDAP Browser
What I don't know how to do is get the users stored in the AD-LDS "database" on my colleague's machine into my machine. Is there some export/import process? Do I do it from the LDAP browser or somewhere else?
If someone has done this and can tell me how it could save me a lot of time and I would really appreciate it.
A good tool to work with directories in general is Apache Directory Studio, and the language used to export/import data from one directory to another is LDIF. Apache Directory Studio logs all your operations on a directory in LDIF format.
Another is to build your version of AD-LDS as a replica of the one on your colleague's machine.
There isn't a way to copy the entire object including attributes like SID and Password. If you simply want to share data, you can create replicas and the instances will be in sync.

Windows Active Directory Replication

To put the problem simply,
I have a piece of code that is currently working on an instance of Windows Active Directory. Now in order to test that I want to use another LDAP server that has the same hierarchy and the same data. I have a local instance of OpenLDAP running. Is there a way where I can easily replicate it?
Really, if you want to test the content of an Active-Directory, the very best way is to install an Active-Directory Application Mode (ADAM). It's a free product from Microsoft in which you can easily duplicate your AD Schema and then your data. ADAM exists under W2K8 under the name of lightweight Active Directory (LDS).
You can do it with OpenLDAP, but you have to translate the schema and then export/import your data using LDIF.

Access 2007 - accdb; options in setting up a reliable multi-user environment across multiple servers?

I am having trouble sorting through all the information / various options in regards to Access 2007 used in a multi-user environment. Here is a brief description of my current situation. At work there is the "Business LAN" which I can log on and use to monitor two other servers via remote desktop. The business LAN is strictly controlled by our IT department and no one is permitted to install any software or drivers without their consent. I do have administrative privileges on both servers though.
The two servers that I log on to using RD are used for essentially the same task, which is to monitor and control the heat to different process lines. Each server runs a different program to accomplish this task but both programs use SQL Server as a back end.
I created two Access databases (one on each server because they are currently behind separate firewalls) in order to query information from the backend SQL side of these programs and combine it with relative information I have compiled in tables in order to add more detail to the data the programs are collecting. My program is still in the debug stage but ultimately this information can then be accessed by field techs / maintenance in order to make their job easier. Maintenance staff can also add even more information based on the status of repairs etc. Last, I have created reports which can be run by Managers / Engineers who are looking for an overall status of their area.
Both Access DBs are split so that the back ends are separate from the forms, queries, etc. I use an ODBC data source to import a link to SQL. I am using VBA for user authentication, user logging record updates, and user / group access control. Everything works the way I intended except the fact that everyone who logs on to the server will be trying to run the same copy of the front end. For example, I had a co-worker log on to the server via RD to test the program and I logged on from my desk. After logging in I could see the forms he had open. Access was already running. Without being able to install Access locally (or even the runtime, due to IT restrictions) on each individual's workstation, I'm not sure what approach to take to resolve this.
Additional info, Server 1
One of the servers is considered to be the "master server", with which a number of client stations ("slave servers") all communicate. The only way to access folders on the master server is to log on to the client station and run RD.
Server 2
This server is considered to be the "historian". It communicates with a terminal server in which users log on using RD and run applications which use SQL backend which resides on the historian. I have been able to set up shares so that certain folders are visible on the historian from the terminal server.
Can anyone tell me what my best option is?
Thanks in advance.
CTN
It's really crazy the way some IT departments do everything possible to make it hard to do your job well.
You allude to users logging on via Terminal Server. If so, perhaps you can store the front ends in the user profiles of their Terminal Server logons? This assumes they're not just using the two default administrative Terminal Server logons, of course.
The other thing that's not clear to me is why you need a back end at all in Access/Jet/ACE -- why not just link via ODBC to the SQL Server and use that data directly? The only reason to have an independent Jet/ACE file with data tables in it in that scenario is if there is data you're storing for your Access application that is not stored in the SQL Server. You might also have temp tables (e.g., for staging complicated reports, etc.), but those should be in a temp database on a per-user basis, not in a shared back end.
Here is a suggestion how to implement what David Fenton wrote: write a simple batch script which copies your frontend from the installation path to %TEMP% (the temporary folder of the current user session) and runs the frontend from there. Something along the lines of
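rem make sure current directory is where the script is
cd /d "%~dp0"
rem assume frontend.mdb is in the same folder as the script
copy /y frontend.mdb "%temp%"
rem the empty "" is the window title; without it start would treat the quoted path as the title
start "" "%temp%\frontend.mdb"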
Tell your users not to run the frontend directly, only via the batch script, then everyone should get his own copy of the frontend. Or, give your frontend a different suffix in the installation path and rename it to "frontend.mdb" when copying to %temp%.
