Omldapsync HowTo - Seven

From Scalix Wiki

Appendix D - OpenLDAP

The majority of readers interested in the OpenLDAP portions of this document will have an OpenLDAP Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept. This section will step you through installing a minimal OpenLDAP Server on Ubuntu.

This document was written for OpenLDAP version 2.3.35 running on Ubuntu 7.10 (Gutsy Gibbon) on an X86 laptop. The information should be applicable to other platforms and versions, within reason.

Getting the Software

Install the slapd package via Synaptic (System -> Administration -> Synaptic Package Manager) or apt-get (apt-get install slapd).

Starting and stopping OpenLDAP

/etc/init.d/slapd start
/etc/init.d/slapd stop
/etc/init.d/slapd restart

Configuration

Configuration information is generally stored in /etc/ldap/slapd.conf though some OpenLDAP servers use /etc/openldap/slapd.conf.

You'll need to update the following lines in slapd.conf:

suffix          "dc=mydomain,dc=net"
rootdn          "cn=admin,dc=mydomain,dc=net"
rootpw          {SSHA}EGBbPLdQg0o5RoUQBwIQBkymApuC/YFa
directory       "/var/lib/ldap/mydomain"

You can define multiple databases but each must have its own directory, they can't all share one directory.

The hashed rootpw is created by running slappasswd; to hash the password "secret" you'd run the command below. Note that -s puts the password on the command line (and in your shell history); if you omit -s, slappasswd prompts for it instead.

# slappasswd -s secret
{SSHA}91EpYZ0u6luAaVB4Q08TdrmhDfGVg8Hy
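slappasswd salts every hash with random bytes, so the value it printed here differs from the rootpw shown in slapd.conf above even when both are for "secret". The following is an added example, not code from the wiki page, that builds an {SSHA} value the way slappasswd does and checks a stored value against a candidate password, which is useful for confirming what a rootpw line actually contains.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

SALT_LEN = 4      # slappasswd appends a 4-byte random salt
DIGEST_LEN = 20   # SHA-1 digest length


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build a {SSHA} value as slappasswd does: base64(sha1(pw + salt) + salt)."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(stored: str, password: str) -> bool:
    """Return True if a stored {SSHA} value (e.g. a rootpw line) matches password."""
    if stored[:6].upper() != "{SSHA}":
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[6:])
    if len(raw) <= DIGEST_LEN:
        raise ValueError("truncated {SSHA} value")
    # The salt is whatever follows the fixed-size digest.
    digest, salt = raw[:DIGEST_LEN], raw[DIGEST_LEN:]
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    # Two hashes of the same password differ only by salt; both verify.
    first, second = make_ssha("secret"), make_ssha("secret")
    print(first, second, first != second)
    print(check_ssha(first, "secret"), check_ssha(second, "wrong"))
```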

Schema

The schema definition is stored in multiple files in the /etc/ldap/schema directory.

If your schema files are not in this location, check your slapd.conf file to see where they are located.

Initial Population of the Database

You can easily set up a basic structure with an LDIF file similar to the one below:

# cat init.ldif
dn: dc=mydomain,dc=net
objectClass: dcObject
objectClass: organizationalUnit
dc: mydomain
ou: MyDomain Dot Net

dn: ou=people,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: groups

Then add these values with an ldapadd command:

# ldapadd -x -D cn=admin,dc=mydomain,dc=net -w secret -f init.ldif
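ldapadd sends the entries in file order, and the server rejects a child whose parent does not exist yet (result 32, No such object), which is why the suffix entry comes first. As an added example that is not part of the wiki page, this checks an LDIF file for that ordering and for a missing objectClass before it is loaded; it assumes the simple LDIF layout used above (no base64 values or continuation lines).

```python
# Constructed copy of the init.ldif shown above (not read from disk).
INIT_LDIF = """\
dn: dc=mydomain,dc=net
objectClass: dcObject
objectClass: organizationalUnit
dc: mydomain
ou: MyDomain Dot Net

dn: ou=people,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: groups
"""


def parse_ldif(text):
    """Split simple LDIF into (dn, {attr-lowercased: [values]}) in file order."""
    entries = []
    for block in text.strip().split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            if not line.strip() or line.startswith("#"):
                continue
            name, _, value = line.partition(":")
            name, value = name.strip().lower(), value.strip()
            if name == "dn":
                dn = value
            else:
                attrs.setdefault(name, []).append(value)
        if dn is None:
            raise ValueError("entry without dn: %r" % block[:40])
        entries.append((dn, attrs))
    return entries


def check_ldif(text, suffix):
    """List entries ldapadd would reject: no objectClass, or parent not yet added."""
    problems, seen = [], set()
    for dn, attrs in parse_ldif(text):
        # Parent is everything after the first comma (no escaped commas here).
        parent = dn.split(",", 1)[1].strip() if "," in dn else ""
        if "objectclass" not in attrs:
            problems.append(f"{dn}: no objectClass")
        if dn.lower() != suffix.lower() and parent.lower() not in seen:
            problems.append(f"{dn}: parent not added yet")
        seen.add(dn.lower())
    return problems
```

Running check_ldif on a file before ldapadd turns a mid-file failure (with the earlier entries already committed) into a report you can fix first.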

Appendix E - Sun ONE Directory Server

The majority of readers interested in the Sun ONE portions of this document will have a Sun ONE Directory Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept. This section will step you through installing a minimal Sun ONE Directory Server.

This document was written for Sun ONE Directory Server version 5.2 P6 2005Q4 running on Solaris 10 on an X86 laptop. The information should be applicable to other platforms and versions, within reason.

System Requirements

The Sun ONE Directory Server is available for the following OS:

  • Solaris 9 and 10
  • Red Hat Enterprise Linux Advanced Server (AS) 3 and 4
  • HP-UX 11.11 (PA-RISC)
  • Microsoft Windows 2000 Server and Advanced Server
  • Microsoft Windows Server 2003 Standard Edition and Enterprise Edition

You will need 400 Gb of disk space.

More specification information is available from the vendor at http://www.sun.com/software/products/directory_srvr_ee/specs.jsp

Getting the Software

To get the software, go to Sun's download page at http://www.sun.com/download/index.jsp

  • Under "Identity Management", select "Directory Server"
  • Click to download "Directory Server"
  • Click "Download Now"
    • Step 1: Select Component - Directory Server
    • Step 2: Select Version - 5 2005Q4 (5.2 P6)
    • Step 3: Select Delivery Type - Native Package (PKG) (Note - only patches are available for X86 in ZIP format; for the entire package you have to select PKG)
    • Step 4: Select Platform - Solaris 10 X86
  • Click "View Downloads"

Download and Install the System Patches

Download

  • On the web page listing your selection results, select one of the System Patches; you will get an error in a new browser window because you are not logged in. Login (register if you have not yet done so).
  • Go back to the original window and select the patch again.
  • Select "Download Patch: HTTP" and save to disk; save in /var/spool/patch.
  • Download all the patches in this manner.

Install

For each patch, uncompress as follows:

unzip patchname.zip

For example:

unzip 119811-04.zip

This will create a directory named patchname, for example 119811-04.

Add the patch:

patchadd /var/spool/patch/119811-04

Download and Install Directory Server

On the web page listing your selection results, click "Base Full Install for Directory Server 5 2005Q4". This will launch Sun's Download Center. Accept the License Agreement, then select the following components. Be careful when using the "check all" box in any section; it will select all the boxes in another section as well.

  • Solaris x86 Platform - Sun Java Identity Management Suite - Solaris X86 Platform
  • Sun Java TM Directory Server (java_es_05Q4_directory-ga-solaris-x86.zip)

Click the orange button that says "Download selected with Sun Download Manager"

If you are presented with a dialog box asking if you want to save to disk or open with Sun Java 5.0 Web Start, choose to open with Sun Java 5.0 Web Start.

If the zip file does not self-extract, uncompress it with the following command:

unzip java_es_05Q4_directory-ga-solaris-x86.zip

The Sun Java System Directory Server 5 2005Q4 is actually a portion of the Sun Java Enterprise System, so we will be installing the Enterprise System and only selecting the System Directory Server component. You must be root to install the Sun Java Enterprise System.

cd java_es_05Q4_directory/Solaris_x86
./installer -nodisplay

Read and accept the license agreement.

Select which language(s) you want installed.

Installation Type - when prompted "Do you want to install the full set of Sun Java(TM) Enterprise System Products and Services?" answer no.

Select Sun Java(TM) System Directory Server 5 2005Q4 (option 3)

Press Enter to accept the list of applications that the installer will install.

If prompted to upgrade the J2SE(TM) Software Development Kit, choose the automatic update option.

Accept the default location for the installation directories when prompted.

Select 1 to continue the installation.

Select 1 to configure now.

Answer the questions when prompted, making a note of the Server admin User ID (default "admin") and password, DN (default "cn=Directory Manager") and password.

When prompted about how you would like to populate the directory server with data, if you select 1 or 3, sample data will be automatically loaded. If you select 2 or 3, you must have an LDIF file on disk from which data can be loaded.

After answering all the questions, select 1 to Install the Java Enterprise System Directory Server.

View the installation summary and verify everything is correct.

Download Directory Server patch

Note: This is only necessary if you have an older installation of Sun ONE Directory Server and need to update it. If you have just completed the full installation, you will be up to date and no patches are required.

  • On the web page listing your selection results, click "Directory Server 5 2005Q4 (5.2 P6) PKG Patch".
  • Select "Download Patch: HTTP" and save to disk.

Uncompress as follows:

unzip patchname.zip

For example:

unzip 115615-28.zip

This will create a directory named patchname, for example 115615-28.

Add the patch:

patchadd /var/spool/patch/115615-28

Starting and stopping the server

The start-slapd and stop-slapd scripts must run with the same UID and GID as the Directory Server. For example, if the Directory Server runs as nobody, you must run start-slapd and stop-slapd as nobody.

Starting the server:

/usr/sbin/directoryserver start

or

ServerRoot/slapd-serverID/start-slapd
Example:
/var/opt/mps/serverroot/slapd-fubar/start-slapd

Stopping the server:

/usr/sbin/directoryserver stop

or

ServerRoot/slapd-serverID/stop-slapd
Example:
/var/opt/mps/serverroot/slapd-fubar/stop-slapd

Configuration

Configuration information is stored in ServerRoot/slapd-serverID/config/dse.ldif

Example: /var/opt/mps/serverroot/slapd-fubar/config/dse.ldif

As the filename suggests, it is in LDAP Data Interchange Format (LDIF).

Schema

The schema definition is stored in multiple files in ServerRoot/slapd-serverID/config/schema

Example: /var/opt/mps/serverroot/slapd-fubar/config/schema

These files are in the LDAP Data Interchange Format (LDIF).

Appendix E - Active Directory