In Greek mythology, Charon is the ferryman of the dead. The souls of the deceased are brought to him by Hermes, and Charon ferries them across the river Styx. The souls then pass to the guardian of the underworld, Kerberos.
The Charon Migration Wizard is also used to move souls towards Kerberos. It simplifies the mapping of Kerberos realm user names to users in the Active Directory. This is one of the steps necessary to create a single sign-on environment, where Windows users log into a realm instead of a domain.
Here I would like to put in a special thanks to mgr inż. Dariusz Zbik, who guided me through this project and worked the UNIX side of our school's transition to SSO.
First, we investigated the mechanisms that are built into Windows to acomplish our mapping.
This program works with the scema of Windows 2000 Server and Windows Server 2003 Active Directories. It can manipulate the AD on a local or remote machine (port 389 has to be open for LDAP) but has to have Microsoft .NET Framework 1.1 installed on the machine it's running on. If you wish to use it remotely, make sure the link is secure as this implementation binds using a cleartext password.
No minimum hardware requirements are specified. It was tested on an AD with over 5000 users in a production environment and 10000 users in a test environment. Active Directory has a limit of 10 million objects. The machines used for testing ranged from an Intel PIII 600MHz to an Intel P4 2.66GHz all running Windows 2000 Professional or Windows XP Professional.
The options explained.
Please contact me at pwojcick at wszib.edu.pl if you wish to start using Charon Migration Wizard.
