« previous next »
Pages: [1]

Author Topic: Moving accounts / OU along the LDAP tree  (Read 1998 times)

robb

  • Guest
Moving accounts / OU along the LDAP tree
« on: October 03, 2013, 07:04:30 pm »
As far as I can see, there is currently no option to move an account from 1 OU to another, or move OU's to another location on the LDAP tree.
So I have a few questions to make shed some light on this:
- Is it possible to move accounts from 1 OU to another?
- Do you have to use 3rd party tools?
- If so, what tools are qualified and/or recommended to do this?
- Can this be done with both Windows and Linux clients/software?

Reasoning behind these question:
Imagine you have multiple locations and you want to implement replication between those locations in a scheduled way. The 'Microsoft way' is to create sites. Now imagine a collegue is working on 1 location and will be transferred to another location. His account should get transferred to that new location too otherwise profile and home directory will use a lot of slow WAN links making it a horrible experience for the user. Obviously mail, profile and files should remain available so delete-and-recreate the account is no option.

I hope Julien, Josh or Samuel can respond on this.
« Last Edit: October 03, 2013, 07:10:11 pm by robb »
Logged

christian

  • Guest
Re: Moving accounts / OU along the LDAP tree
« Reply #1 on: October 03, 2013, 07:58:19 pm »
I would be surprised if it can't be done using any LDAP management interface in case you run Zentyal without file sharing (Samba).
With file sharing deployed, as I don't know how synchro between the 2 LDAP servers works, there is perhaps some side effect.
For those having test platform, this is very easy to test it.

What is more surprising is that such feature is not part of Zentyal interface  :o
Logged

jjmontes

  • Zentyal Staff
  • Zen Monk
  • *****
  • Posts: 86
  • Karma: +8/-0
    • View Profile
Re: Moving accounts / OU along the LDAP tree
« Reply #2 on: November 18, 2013, 06:33:11 pm »
Quote from: christian on October 03, 2013, 07:58:19 pm
I would be surprised if it can't be done using any LDAP management interface in case you run Zentyal without file sharing (Samba).
With file sharing deployed, as I don't know how synchro between the 2 LDAP servers works, there is perhaps some side effect.
For those having test platform, this is very easy to test it.

With file sharing this doesn't work correctly. "Users and Groups" tool shall be used (or ideally, Zentyal interface would support this), but the sync process shows a warning. This requires some extra development: see Feature Request http://forum.zentyal.org/index.php/topic,18835.0.html .
Logged
Pages: [1]
« previous next »