【AD ADS (AD Lightweight Directory Services)】
◎ Microsoft's pure LDAP service。
◎ Independent program,Can be installed inside/outside the domain,Can install multiple。
◎ Account information of AD DS can be synchronized through adamsync,But unable to sync password,Unless through other tools,Such as Microsoft's FIM、ME,But need to purchase authorization。
◎ If you plan to use a single account to access the LDAP address book,Can consider it。
Related instructions:
ldifde -i -f ms-adamschemaw2k8.ldf -s localhost:389 -k -j . -c "cn=configuration,dc=X" #configurationNamingContext adamsync /install localhost:389 C:\LDS\MS-AdamSyncConf.XML /passPrompt adamsync /sync localhost:389 dc=ldap,dc=local /log C:\LDS\synclog.txt
# log 有出現錯誤的模組,可以在 MS-AdamSyncConf.XML 用 <exclude>extensionName</exclude> 先排除掉。 # <exclude>extensionName</exclude> 跟 <include>extensionName</include> 項目不能同時存在。 # 如果有多組 OU 要匯入,可以用多個 <base-dn>ou=a,dc=abc,dc=com</base-dn> 來匯入。
【AD FS (AD Federation Service)】
◎ Mainly used for SSO (Single Sign-On)。
◎ AD FS is not LDAP。
◎ Use SAML (XML-like),To use AD FS in other application services,Need to cooperate with this part。
[Reference]
- Sync of AD DS to AD LDS Solutions | Experts Exchange
- ADAMSync Problem with userProxy and SID?
- Example ADAM configuration files | ServiceNow Docs
- ADAMSync 101 – Microsoft Tech Community – 400165
- Syncing LDS to AD DS | Dirk & Brad’s Windows Blog
- Synchronize with Active Directory Domain Services
Sorry,Because no contact information was found,Please allow me to comment here。
Hello,I am in charge of product promotion of PearlMountain,My name is Liao Yang。
Saw your blog by accident,I am very interested。
Our company has a network online video editing software,Called "FlexClip",Then I want to provide you with a premium version for you to experience。
If you like it,I wonder if you can write an opinion about this software on your blog?
Interested,Please email me,thank you for your support。
您好,I am not reviewing software,Xie Xie 您。
Anson Reply | August 12th, 2020 at 2:49 PM