This article describes a quick way to set up and populate an LDAP server for local testing with the GateIn portal. Example portal configurations with LDAP can be found in other articles. OpenDS is used as an example here, but other good solutions are available, including Apache Directory Server, OpenLDAP or 389 Directory Server.
OpenDS Configuration
- Download OpenDS
- Unzip and install using the command-line or GUI setup: simply run the "OpenDS/setup" script. Use the default root DN, left unpopulated. The simple password "password" is used in all examples. Console output below:
$ unzip -q OpenDS-2.2.0.zip
$ cd OpenDS-2.2.0
$ ./setup --cli
OpenDS Directory Server 2.2.0
Please wait while the setup program initializes...
What would you like to use as the initial root user DN for the Directory
Server? [cn=Directory Manager]:
Please provide the password to use for the initial root user: password
Please re-enter the password for confirmation: password
On which port would you like the Directory Server to accept connections from
LDAP clients? [1389]:
On which port would you like the Administration Connector to accept
connections? [4444]:
What do you wish to use as the base DN for the directory data?
[dc=example,dc=com]:
Options for populating the database:
1) Only create the base entry
2) Leave the database empty
3) Import data from an LDIF file
4) Load automatically-generated sample data
Enter choice [1]: 1
Do you want to enable SSL? (yes / no) [no]:
Do you want to enable Start TLS? (yes / no) [no]:
Do you want to start the server when the configuration is completed? (yes /
no) [yes]: no
Setup Summary
=============
LDAP Listener Port: 1389
Administration Connector Port: 4444
LDAP Secure Access: disabled
Root User DN: cn=Directory Manager
Directory Data: Create New Base DN dc=example,dc=com.
Base DN Data: Only Create Base Entry (dc=example,dc=com)
Do not start Server when the configuration is completed
What would you like to do?
1) Setup the server with the parameters above
2) Provide the setup parameters again
3) Cancel the setup
Enter choice [1]:
Configuring Directory Server ..... Done.
Creating Base Entry dc=example,dc=com ..... Done.
See /var/folders/Qf/Qf6bPQNGF+qwQ-3WGMTfEU+++TI/-Tmp-/opends-setup-8461612894216799799.log for a detailed log of this operation.
To see the basic server status and configuration, you can launch OpenDS-2.2.0/bin/status.
- Start the server: $ ./bin/start-ds
- A GUI tool can be used to control the server: $ ./bin/status
Populate LDAP
Most servers come with a set of tools to perform LDAP operations. Standard LDAP commands (ldapmodify, ldapdelete, ...) are also available in most Linux distributions. In this example, the command-line tools provided with OpenDS are used. The LDIF file used below is attached to this article.
Adding entries
$ ./bin/ldapmodify -h localhost -p 1389 -D "cn=Directory Manager" -w password -a -f acme.ldif
Processing ADD request for o=acme,dc=example,dc=com
ADD operation successful for DN o=acme,dc=example,dc=com
Processing ADD request for ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=admin,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=admin,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=user,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=user,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=jduke,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=jduke,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=jduke1,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=jduke1,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=jduke2,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=jduke2,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=jduke3,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=jduke3,ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=jduke4,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=jduke4,ou=People,o=acme,dc=example,dc=com
Processing ADD request for ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for cn=admins,ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN cn=admins,ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for cn=employees,ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN cn=employees,ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for cn=echo,ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN cn=echo,ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for cn=echo1,ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN cn=echo1,ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for cn=theduke,ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN cn=theduke,ou=Roles,o=acme,dc=example,dc=com
Processing ADD request for ou=OrganizationUnits,o=acme,dc=example,dc=com
ADD operation successful for DN ou=OrganizationUnits,o=acme,dc=example,dc=com
Processing ADD request for cn=foo,ou=OrganizationUnits,o=acme,dc=example,dc=com
ADD operation successful for DN cn=foo,ou=OrganizationUnits,o=acme,dc=example,dc=com
Processing ADD request for cn=bar,ou=OrganizationUnits,o=acme,dc=example,dc=com
ADD operation successful for DN cn=bar,ou=OrganizationUnits,o=acme,dc=example,dc=com
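As a check on the populate step above (an added example, not part of the original article): the functions below read ldapmodify output in the format shown in the transcript and list any DN whose ADD request has no matching success line. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that every "Processing ADD request" line in
# ldapmodify output is followed by an "ADD operation successful" line.
# Usage: ./bin/ldapmodify ... -a -f acme.ldif | populate_ok

# Print, one per line and sorted, the DNs whose ADD was never confirmed.
unconfirmed_adds() {
    awk '
        /^Processing ADD request for / {
            dn = $0
            sub(/^Processing ADD request for /, "", dn)
            pending[dn] = 1
            next
        }
        /^ADD operation successful for DN / {
            dn = $0
            sub(/^ADD operation successful for DN /, "", dn)
            delete pending[dn]
            next
        }
        END { for (dn in pending) print dn }
    ' | sort
}

# Succeed only when the output on stdin has no unconfirmed ADD requests.
populate_ok() {
    missing=$(unconfirmed_adds)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing" | sed 's/^/ADD not confirmed for: /' >&2
    return 1
}

# Constructed sample: uid=user has no success line. The wording of the
# failure line is a placeholder, not copied from OpenDS.
SAMPLE_OUTPUT='Processing ADD request for o=acme,dc=example,dc=com
ADD operation successful for DN o=acme,dc=example,dc=com
Processing ADD request for ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=user,ou=People,o=acme,dc=example,dc=com
(constructed failure line)
Processing ADD request for uid=admin,ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN uid=admin,ou=People,o=acme,dc=example,dc=com'

printf '%s\n' "$SAMPLE_OUTPUT" | unconfirmed_adds
```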
Removing entry
$ ./bin/ldapdelete -h localhost -p 1389 -D "cn=Directory Manager" -w password -x "o=acme,dc=example,dc=com"
Processing DELETE request for o=acme,dc=example,dc=com
DELETE operation successful for DN o=acme,dc=example,dc=com
$ ./bin/ldapdelete -h localhost -p 1389 -D "cn=Directory Manager" -w password -x "o=gatein,dc=example,dc=com"
LDAP GUI
Apache Directory Studio is a very good GUI for LDAP, with binaries available for all major platforms. It supports importing from LDIF via right-click and removing entries with the Del key, for people who don't like working with the command line.