-
Notifications
You must be signed in to change notification settings - Fork 2
Home
Home > Concepts and terminology > Getting Started
ADSync4J is a lightweight Java library that greatly simplifies the task of creating and maintaining a replica of objects living in Active Directory.
The library implements a protocol that enables users to download an arbitrary set of data from Active Directory into a local storage and to keep it up-to-date with the source by performing periodic incremental synchronization. In short, ADSync4J helps replicating data from Active Directory.
There can be many use-cases. For example, a typical problem you might face when interacting with Active Directory through LDAP is the poor querying interface that LDAP offers. This becomes an issue if you frequently need to perform queries that go beyond what is feasible using LDAP filters. With ADSync4J it's easy to replicate directory objects you are interested in into a relational or graph database, and leverage the more expressive query language they offer.
ADSync4J can also be used to solve integration problems. If you need to deploy your application into an environment where user accounts come from a diverse set of sources including Active Directory, then ADSync4J will be of great help in keeping the central identity store of the application in sync with Active Directory.
Sometimes it helps to define things by saying what they are not. Let's see a few features ADSync4J does not offer.
-
The synchronization is one way only. Changes in the local replica will not be applied in Active Directory. Apologies if the library's name is misleading, it might have been more correct to name it using the term "replication" instead of "synchronization".
-
The library only takes responsibility for the communication with Active Directory. Once the list of the newly created/changed/deleted directory objects is retrieved, it's up to your application to process that information according to your requirements (presumably apply those changes to a locally stored replica).
-
The library cannot magically retrieve data that is normally not accessible through LDAP. In particular, it won't be able to retrieve user passwords.
In order for ADSync4J to be applicable in any JVM based development environment, it does not mandate the use of any framework or library. It was designed to stay independent of:
- any persistence framework
- any inversion of control framework
- and even any LDAP SDK (*)
However, this flexibility comes at a price. Many of the classes had to introduce some type parameters that wouldn't be necessary if the library worked with a fixed set of dependencies. Although the API became a bit more complicated this way, the average user won't have much difficulty with it, while allowing for customizations by users with special requirements.
* The UnboundID LDAP SDK is used by default which can be replaced with other SDKs by implementing a few simple interfaces.
Home > Concepts and terminology > Getting Started