Wednesday, May 7, 2008

OpenLDAP replication with OS X Server as Master

At work we have two OS X servers doing authentication for OS X users.

We then thought about having the same credentials on our Debian GNU/Linux based intranet systems.

Since Apple is running an OpenLDAP-compatible solution (OpenDirectory), we wanted to have a local OpenLDAP replica on the intranet systems for authentication and as an address book.

First we learned that Apple made some incompatible changes to their schema, which needed to be fixed by another schema (apple_fix) that has to be loaded prior to the Apple schema in slapd.conf.

Additionally, some changes to the slapd.conf file were necessary.

List of files you will need: