Bernie White's questions -server

Bernie White

Asked: 2012-10-02 14:55:34 +0800 CST

Dynamic group membership to work around no nested security group support for Active Directory

My problem is that I have a number of network administration applications like SAN switches that do not support nested groups from Active Directory Domain Services (AD DS). These legacy administration applications use either LDAP or LDAPS.

I am fairly sure I can use Active Directory Lightweight Directory Services (AD LDS) and possibly Windows Authorization Manager to work around this issue; however I am not really sure where to start.

I want to end up with:

A single group that can be queried over LDAP/LDAPS for all it’s direct members
LDAP proxy for user name and password credentials to AD DS
Easy way to admin the group, ideally the group would aggregate the nested membership in AD DS.
a native solution using freely available components from the Windows stack.

If you have any suggestions or solutions that you have previously used to solve this issue please let me know.

Dynamic group membership to work around no nested security group support for Active Directory

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?