JNDI + LDAP + Active Directory + ObjectChangeListener

Hello,

I am looking for an example that combines the above technologies.

The documentation I have been able to find says that ActiveDirectory
does not implement the persistent search control mechanism and thus
prevents the use of a NamingListener or ObjectChangeListener.

I have found other posts such as:

[url]http://archives.java.sun.com/cgi-bin/wa?A2=ind0205&L=jndi-interest&F=&S=&P=3878[/u
rl]

that give me some hope that someone has been able to implement a work
around, however no concrete examples have been forthcoming.

My dilema is that I need to integrate a central
Authentication/Auditing server with Active Directory and other LDAP
enabled server applicaltions, such as OpenLDAP.

The Authentication app in "native" mode maintains its own user datbase
and ideally would maintain a replica of user information when swicthed
over to "LDAP" mode. The need to maintain a syncronized replica is a
result of the auditing that needs to be performed for any of our
client applications that authenticate against the Authentication
server. ie. we need to be able to trace accountability for any log
events, logged through the Authentication server.

I have the JNDI authentication and initial data retrieval from Active
Directory woking ok. BUT I need to be alerted by Active Directory
when, for example, a Username is altered so that this can then be
replicated to my Authentication server db. Essentially I am only
interested in the username becuase it will form the unique key of my
database. As long as I have a handle in my database to the User within
Active Directory I will be able to query and update any other
demographics that may have changed.

Any insight/help/examples would be much appreciated.

My contact email is: josh@promed.com.au

Kind Regards

Josh.