The BoKS AD Bridge feature can be used to synchronize user information between Microsoft Active Directory and a BoKS domain. A number of utility commands are used to set up and maintain the connectivity between AD and BoKS. The actual synchronization is performed using the adsync utility command.
Here's the list of LDAP attributes requested from AD by BoKS adsync.
|dn||Distinguished Name. Stored and associated with the user in BoKS.|
|member||The list of users that belong to the group|
|objectClass||The list of classes from which this class is derived.|
|uid||A user ID. This attribute is the base for the login name for Unix type users in BoKS (RFC 2307).|
|uidNumber||The Unix UID number (RFC 2307).|
|gidNumber||The Unix GID number (RFC 2307).|
|gecos||User comment, e.g. full user name (RFC 2307).|
|unixHomeDirectory||Home directory (RFC 2307).|
|loginshell||Shell program (RFC 2307).|
|accountExpires||The date when the account expires.|
|userAccountControl||Flags (bit mask) that control the behavior of the user account. The second bit (userAccountControl & 2) controls if the account is enabled or disabled.|
|userPrincipalName||An Internet-style login name for a user based on the Internet standard RFC 822. Required by Kerberos. Stored and associated with the user in BoKS.|
|samAccountName||The logon name used to support clients and servers running earlier versions of the Windows operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. This is the login name registered for Windows type users in BoKS.|
|objectSid||A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal.|
Still have questions? We can help. Submit a case to Technical Support.