HOWTO: Clone active directory to apacheDS

Solution 1:

Hayalci's answer is a good one for the question in your title, but not for the goal in your last sentence. This will not accomplish "AD in your PC." End of sentence.

LDAP alone will not emulate AD. For one thing, an LDIF export and import won't bring in passwords. But much larger, LDAP is only a piece of AD. AD also includes Kerberos, DNS with RR, and GPO - plus all the ACLs, both to AD objects and everything else in the microsoft ecosystem.

If you need a copy of AD, then you can use some VM software (VMware, HyperV, etc) to host a Windows Server that gets a DCpromo. Without knowing what you need to test, I can't tell you how much to export/import to actually get a proper test. The suggestion to use LDIF is a good one, and if you're using AD with the same version and unmodified schemas on both production and your test instance, that will get your whole user databases (minus passwords) into your test environment.

That won't include permissions, servers, and who knows what else might be important in your environment. But it's a good start.

Solution 2:

I'm not aware of any specific tools, but here is an idea.

Both Active Directory and ApacheDS are LDAP servers, and the main format for backup/restore of LDAP directories is LDIF. Try to get and LDIF dump of the whole Active Directory, and try to import it into ApacheDS. Probably you will get some errors, and you will have to modify the ldif file into something ApacheDS accepts. [ We are in the middle of a SunDS -> OpenLDAP migration and we are writing python programs to massage the LDIF files ]

Solution 3:

This may help. Take a look at Jeff Middleton's tools in SBS migration. You can get an exact copy of your AD with out harming your production domain. Sounds like you do not need to use the whole kit, but the early phases should accomplish our goals