Difference between revisions of "Omldapsync HowTo - Seven"

From Scalix Wiki
(Appendix D - OpenLDAP)
(Appendix E - Sun ONE Directory Server)
Line 55: Line 55:
  
 
== Appendix E - Sun ONE Directory Server ==
 
== Appendix E - Sun ONE Directory Server ==
Installing Sun ONE Directory Server
 
 
The majority of readers interested in the Sun ONE portions of this document  will have a Sun ONE Directory Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept.  This section will step you through installing a minimal Sun ONE Directory Server.
 
The majority of readers interested in the Sun ONE portions of this document  will have a Sun ONE Directory Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept.  This section will step you through installing a minimal Sun ONE Directory Server.
  
 
This document was written for Sun ONE Directory Server version 5.2 P6 2005Q4 running on Solaris 10 on an X86 laptop.  The information should be applicable to other platforms and versions, within reason.
 
This document was written for Sun ONE Directory Server version 5.2 P6 2005Q4 running on Solaris 10 on an X86 laptop.  The information should be applicable to other platforms and versions, within reason.
System Requirements
+
 
 +
=== System Requirements ===
 
The Sun ONE Directory Server is available for the following OS:
 
The Sun ONE Directory Server is available for the following OS:
Solaris 9 and 10
+
* Solaris 9 and 10
Red Had Enterprise Linux Advanced Server (AS) 3 and 4
+
* Red Had Enterprise Linux Advanced Server (AS) 3 and 4
HP-UX 11.11 (PA-RISC)
+
* HP-UX 11.11 (PA-RISC)
Microsoft Windows 2000 Server and Advanced Server
+
* Microsoft Windows 2000 Server and Advanced Server
Microsoft Windws Server 2003 Standard Edition and Enterprise Edition
+
* Microsoft Windws Server 2003 Standard Edition and Enterprise Edition
  
 
You will need 400 Gb of disk space.   
 
You will need 400 Gb of disk space.   
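Review bot: The converted bullet lines under "=== System Requirements ===" carry over two typos from the old text, "Red Had Enterprise Linux" and "Microsoft Windws Server 2003"; since these lines are being rewritten anyway, correct them to "Red Hat" and "Windows" in the same edit. The unchanged "400 Gb of disk space" line is also worth confirming, because the unit as written reads as gigabits.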
Line 71: Line 71:
 
More specification information is available from the vendor at http://www.sun.com/software/products/directory_srvr_ee/specs.jsp
 
More specification information is available from the vendor at http://www.sun.com/software/products/directory_srvr_ee/specs.jsp
  
Getting the Software
+
=== Getting the Software ===
 
To get the software, go to Sun's download page at http://www.sun.com/download/index.jsp
 
To get the software, go to Sun's download page at http://www.sun.com/download/index.jsp
Under "Identity Management", select "Directory Server"
 
Click to download "Directory Server"
 
Click "Download Now"
 
Step 1: Select Component - Directory Server
 
Step 2: Select Version - 5 2005Q4 (5.2 P6)
 
Step 3: Select Delivery Type - Native Package (PKG)
 
Note - only patches are available for X86 in ZIP format
 
Step 4: Select Platform - Solaris 10 X86
 
Click "View Downloads"
 
  
Download and Install the System Patches
+
* Under "Identity Management", select "Directory Server"
Download
+
* Click to download "Directory Server"
On the web page listing your selection results, select one of the System Patches; you will get an error in a new browser window because you are not logged in. Login (register if you have not yet done so).
+
* Click "Download Now"
Go back to the original window and select the patch again.
+
** Step 1: Select Component - Directory Server
Select "Download Patch: HTTP" and save to disk; save in /var/spool/patch.
+
** Step 2: Select Version - 5 2005Q4 (5.2 P6)
Download all the patches in this manner.
+
** Step 3: Select Delivery Type - Native Package (PKG) (Note - only patches are available for X86 in ZIP format; for the entire package you have to select PKG)
 +
** Step 4: Select Platform - Solaris 10 X86
 +
* Click "View Downloads"
  
Install
+
=== Download and Install the System Patches ===
 +
==== Download ====
 +
* On the web page listing your selection results, select one of the System Patches; you will get an error in a new browser window because you are not logged in. Login (register if you have not yet done so).
 +
* Go back to the original window and select the patch again.
 +
* Select "Download Patch: HTTP" and save to disk; save in ''/var/spool/patch''.
 +
* Download all the patches in this manner.
 +
 
 +
==== Install ====
 
For each patch, uncompress as follows:
 
For each patch, uncompress as follows:
unzip patchname.zip
+
unzip patchname.zip
For example:  unzip 119811-04.zip
+
For example:  
 +
  unzip 119811-04.zip
 
This will create a directory named patchname, for example 119811-04.
 
This will create a directory named patchname, for example 119811-04.
  
 
Add the patch:
 
Add the patch:
patchadd /var/spool/patch/119811-04
+
patchadd /var/spool/patch/119811-04
Download and Install Directory Server
+
 
 +
=== Download and Install Directory Server ===
 
On the web page listing your selection results, click "Base Full Install for Directory Server 5 2005Q4".  This will launch Sun's Download Center.  Accept the License Agreement, then select the following components.  Be careful when using the "check all" box in any section; it will select all the boxes in another section as well.
 
On the web page listing your selection results, click "Base Full Install for Directory Server 5 2005Q4".  This will launch Sun's Download Center.  Accept the License Agreement, then select the following components.  Be careful when using the "check all" box in any section; it will select all the boxes in another section as well.
  
Solaris x86 Platform - Sun Java Identity Management Suite - Solaris X86 Platform
+
* Solaris x86 Platform - Sun Java Identity Management Suite - Solaris X86 Platform
Sun Java TM Directory Server (java_es_05Q4_directory-ga-solaris-x86.zip)
+
* Sun Java TM Directory Server (java_es_05Q4_directory-ga-solaris-x86.zip)
  
 
Click the orange button that says "Download selected with Sun Download Manager"
 
Click the orange button that says "Download selected with Sun Download Manager"
 +
 
If you are presented with a dialog box asking if you want to save to disk or open with Sun Java 5.0 Web Start, choose to open with Sun Java 5.0 Web Start.
 
If you are presented with a dialog box asking if you want to save to disk or open with Sun Java 5.0 Web Start, choose to open with Sun Java 5.0 Web Start.
  
 
If the zip file does not self-extract, uncompress it with the following command:
 
If the zip file does not self-extract, uncompress it with the following command:
unzip java_es_05Q4_directory-ga-solaris-x86.zip
+
unzip java_es_05Q4_directory-ga-solaris-x86.zip
  
 
The Sun Java System Directory Server 5 2005Q4 is actually a portion of the Sun Java Enterprise System, so we will be installing the Enterprise System and only selecting the System Directory Server component.  You must be root to install the Sun Java Enterprise System.
 
The Sun Java System Directory Server 5 2005Q4 is actually a portion of the Sun Java Enterprise System, so we will be installing the Enterprise System and only selecting the System Directory Server component.  You must be root to install the Sun Java Enterprise System.
 +
cd java_es_05Q4_directory/Solaris_x86
 +
./installer -nodisplay
  
cd java_es_05Q4_directory/Solaris_x86
+
Read and accept the license agreement.
./installer -nodisplay
+
  
 
Read and accept the license agreement.
 
 
Select which language(s) you want installed.
 
Select which language(s) you want installed.
 +
 
Installation Type - when prompted "Do you want to install the full set of Sun Java(TM) Enterprise System Products and Services?" answer no.
 
Installation Type - when prompted "Do you want to install the full set of Sun Java(TM) Enterprise System Products and Services?" answer no.
 +
 
Select Sun Java(TM) System Directory Server 5 2005Q4 (option 3)
 
Select Sun Java(TM) System Directory Server 5 2005Q4 (option 3)
 +
 
Press Enter to accept the list of applications that the installer will install.
 
Press Enter to accept the list of applications that the installer will install.
 +
 
If prompted to upgrade the J2SE(TM) Software Development Kit, choose the automatic update option.
 
If prompted to upgrade the J2SE(TM) Software Development Kit, choose the automatic update option.
 +
 
Accept the default location for the installation directories when prompted.
 
Accept the default location for the installation directories when prompted.
 +
 
Select 1 to continue the installation.
 
Select 1 to continue the installation.
 +
 
Select 1 to configure now.
 
Select 1 to configure now.
 +
 
Answer the questions when prompted, making a note of the Server admin User ID (default "admin")  and password,  DN (default "cn=Directory Manager") and password.
 
Answer the questions when prompted, making a note of the Server admin User ID (default "admin")  and password,  DN (default "cn=Directory Manager") and password.
 +
 
When prompted about how you would like to populate the directory server with data, if you select 1 or 3, sample data will be automatically loaded.  If you select 2 or 3, you must have an LDIF file on disk from which data can be loaded.
 
When prompted about how you would like to populate the directory server with data, if you select 1 or 3, sample data will be automatically loaded.  If you select 2 or 3, you must have an LDIF file on disk from which data can be loaded.
 +
 
After answering all the questions, select 1 to Install the Java Enterprise System Directory Server.
 
After answering all the questions, select 1 to Install the Java Enterprise System Directory Server.
 +
 
View the installation summary and verify everything is correct.
 
View the installation summary and verify everything is correct.
  
Download Directory Server patch
+
=== Download Directory Server patch ===
 
Note: This is only necessary if you have an older installation of Sun ONE Directory Server and need to update it.  If you have just completed the full installation, you will be up to date and no patches are required.
 
Note: This is only necessary if you have an older installation of Sun ONE Directory Server and need to update it.  If you have just completed the full installation, you will be up to date and no patches are required.
  
On the web page listing your selection results, click "Directory Server 5 2005Q4 (5.2 Pg) PKG Patch".
+
* On the web page listing your selection results, click "Directory Server 5 2005Q4 (5.2 Pg) PKG Patch".
Select "Download Patch: HTTP" and save to disk.
+
* Select "Download Patch: HTTP" and save to disk.
 +
 
 
Uncompress as follows:
 
Uncompress as follows:
unzip patchname.zip
+
unzip patchname.zip
For example:  unzip 115615-28.zip
+
For example:  
 +
  unzip 115615-28.zip
 
This will create a directory named patchname, for example 115615-28.
 
This will create a directory named patchname, for example 115615-28.
  
 
Add the patch:
 
Add the patch:
patchadd /var/spool/patch/115615-28
+
patchadd /var/spool/patch/115615-28
 
+
  
About the Directory Server
+
=== Start and stopping the server ===
Start and stopping the server  
+
 
Both of these scripts must run with the same UID and GID as the Directory Server. For example, if the Directory Server runs as nobody, you must run the start-slapd and stop-slapd utilities as nobody.
 
Both of these scripts must run with the same UID and GID as the Directory Server. For example, if the Directory Server runs as nobody, you must run the start-slapd and stop-slapd utilities as nobody.
  
/usr/sbin/directoryserver start
+
Starting the server:
 +
/usr/sbin/directoryserver start
 
or
 
or
ServerRoot/slapd-serverID/start-slapd  
+
ServerRoot/slapd-serverID/start-slapd  
(example: /var/opt/mps/serverroot/slapd-fubar/start-slapd)
+
Example:
 +
/var/opt/mps/serverroot/slapd-fubar/start-slapd
  
/usr/sbin/directoryserver stop
+
Stopping the server:
 +
/usr/sbin/directoryserver stop
 
or
 
or
ServerRoot/slapd-serverID/stop-slapd  
+
ServerRoot/slapd-serverID/stop-slapd  
(example: /var/opt/mps/serverroot/slapd-fubar/stop-slapd)
+
Example:
 +
/var/opt/mps/serverroot/slapd-fubar/stop-slapd
 +
 
 +
=== Configuration ===
 +
Configuration information is stored in ''ServerRoot/slapd-serverID/config/dse.ldif''
 +
 
 +
Example: ''/var/opt/mps/serverroot/slapd-fubar/config/dse.ldif''
  
Getting Around
 
Configuration
 
Configuration information is stored in the following file:
 
ServerRoot/slapd-serverID/config/dse.ldif
 
example: /var/opt/mps/serverroot/slapd-fubar/config/dse.ldif
 
 
As the filename suggests, it is in LDAP Data Interchange Format (LDIF).
 
As the filename suggests, it is in LDAP Data Interchange Format (LDIF).
Schema
+
 
The schema definition is stored in multiple files in the following directory:
+
=== Schema ===
ServerRoot/slapd-serverID/config/schema
+
The schema definition is stored in multiple files in ''ServerRoot/slapd-serverID/config/schema''
example: /var/opt/mps/serverroot/slapd-fubar/config/schema
+
 
 +
Example: ''/var/opt/mps/serverroot/slapd-fubar/config/schema''
 +
 
 
These files are in the LDAP Data Interchange Format (LDIF).
 
These files are in the LDAP Data Interchange Format (LDIF).
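Review bot: In the new "=== Start and stopping the server ===" section, the sentence "Both of these scripts must run with the same UID and GID as the Directory Server" sits directly under the heading before any script has been named, and the first command shown after it is /usr/sbin/directoryserver rather than start-slapd or stop-slapd; name the two scripts in that sentence or move it below the start-slapd and stop-slapd examples. The heading itself should read "Starting and stopping the server". In "=== Download Directory Server patch ===", the link label "(5.2 Pg)" does not match the "5.2 P6" version used in the download steps, and the download bullet says only "save to disk" while the patchadd example expects the patch under /var/spool/patch.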

Revision as of 18:57, 18 March 2008

Appendix D - OpenLDAP

Installing OpenLDAP

The majority of readers interested in the OpenLDAP portions of this document will have an OpenLDAP Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept. This section will step you through installing a minimal OpenLDAP Server on Ubuntu.

This document was written for OpenLDAP version 2.3.35 running on Ubuntu 7.10 (Gutsy Gibbon) on an X86 laptop. The information should be applicable to other platforms and versions, within reason.

Getting the Software

Install the slapd package via Synaptic (System -> Administration -> Synaptic Package Manager) or apt-get (apt-get install slapd).

Starting and stopping OpenLDAP

/etc/init.d/slapd start
/etc/init.d/slapd stop
/etc/init.d/slapd restart

Configuration

Configuration information is generally stored in /etc/ldap/slapd.conf though some OpenLDAP servers use /etc/openldap/slapd.conf.

You'll need to update the following lines in slapd.conf:

suffix          "dc=mydomain,dc=net"
rootdn          "cn=admin,dc=mydomain,dc=net"
rootpw          {SSHA}EGBbPLdQg0o5RoUQBwIQBkymApuC/YFa
directory       "/var/lib/ldap/mydomain"

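You can define multiple databases, but each must have its own directory; they can't all share one.

The rootpw value is a salted SHA-1 hash ({SSHA}) of the password rather than an encryption of it, and it is created by running slappasswd. Run without -s, slappasswd prompts for the password, which keeps it out of the shell history and process list; to hash the password "secret" non-interactively you'd run: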

# slappasswd -s secret
{SSHA}91EpYZ0u6luAaVB4Q08TdrmhDfGVg8Hy

Schema

The schema definition is stored in multiple files in the /etc/ldap/schema directory.

If your schema files are not in this location, check your slapd.conf file to see where they are located.

Initial Population of the Database

You can easily set up a basic structure with an LDIF file similar to the one below:

# cat init.ldif
dn: dc=mydomain,dc=net
objectClass: dcObject
objectClass: organizationalUnit
dc: mydomain
ou: MyDomain Dot Net

dn: ou=people,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=mydomain,dc=net
objectClass: organizationalUnit
ou: groups

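Then add these values with an ldapadd command (use -W in place of -w secret to be prompted for the password rather than passing it on the command line):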

# ldapadd -x -D cn=admin,dc=mydomain,dc=net -w secret -f init.ldif

Appendix E - Sun ONE Directory Server

The majority of readers interested in the Sun ONE portions of this document will have a Sun ONE Directory Server already functioning in their production environment; sometimes, however, it's nice to set up a lab machine for testing or proof of concept. This section will step you through installing a minimal Sun ONE Directory Server.

This document was written for Sun ONE Directory Server version 5.2 P6 2005Q4 running on Solaris 10 on an X86 laptop. The information should be applicable to other platforms and versions, within reason.

System Requirements

The Sun ONE Directory Server is available for the following OS:

  • Solaris 9 and 10
  • Red Hat Enterprise Linux Advanced Server (AS) 3 and 4
  • HP-UX 11.11 (PA-RISC)
  • Microsoft Windows 2000 Server and Advanced Server
  • Microsoft Windows Server 2003 Standard Edition and Enterprise Edition

You will need 400 Gb of disk space.

More specification information is available from the vendor at http://www.sun.com/software/products/directory_srvr_ee/specs.jsp

Getting the Software

To get the software, go to Sun's download page at http://www.sun.com/download/index.jsp

  • Under "Identity Management", select "Directory Server"
  • Click to download "Directory Server"
  • Click "Download Now"
    • Step 1: Select Component - Directory Server
    • Step 2: Select Version - 5 2005Q4 (5.2 P6)
    • Step 3: Select Delivery Type - Native Package (PKG) (Note - only patches are available for X86 in ZIP format; for the entire package you have to select PKG)
    • Step 4: Select Platform - Solaris 10 X86
  • Click "View Downloads"

Download and Install the System Patches

Download

  • On the web page listing your selection results, select one of the System Patches; you will get an error in a new browser window because you are not logged in. Login (register if you have not yet done so).
  • Go back to the original window and select the patch again.
  • Select "Download Patch: HTTP" and save to disk; save in /var/spool/patch.
  • Download all the patches in this manner.

Install

For each patch, uncompress as follows:

unzip patchname.zip

For example:

unzip 119811-04.zip

This will create a directory named patchname, for example 119811-04.

Add the patch:

patchadd /var/spool/patch/119811-04

Download and Install Directory Server

On the web page listing your selection results, click "Base Full Install for Directory Server 5 2005Q4". This will launch Sun's Download Center. Accept the License Agreement, then select the following components. Be careful when using the "check all" box in any section; it will select all the boxes in another section as well.

  • Solaris x86 Platform - Sun Java Identity Management Suite - Solaris X86 Platform
  • Sun Java TM Directory Server (java_es_05Q4_directory-ga-solaris-x86.zip)

Click the orange button that says "Download selected with Sun Download Manager"

If you are presented with a dialog box asking if you want to save to disk or open with Sun Java 5.0 Web Start, choose to open with Sun Java 5.0 Web Start.

If the zip file does not self-extract, uncompress it with the following command:

unzip java_es_05Q4_directory-ga-solaris-x86.zip

The Sun Java System Directory Server 5 2005Q4 is actually a portion of the Sun Java Enterprise System, so we will be installing the Enterprise System and only selecting the System Directory Server component. You must be root to install the Sun Java Enterprise System.

cd java_es_05Q4_directory/Solaris_x86
./installer -nodisplay

Read and accept the license agreement.

Select which language(s) you want installed.

Installation Type - when prompted "Do you want to install the full set of Sun Java(TM) Enterprise System Products and Services?" answer no.

Select Sun Java(TM) System Directory Server 5 2005Q4 (option 3)

Press Enter to accept the list of applications that the installer will install.

If prompted to upgrade the J2SE(TM) Software Development Kit, choose the automatic update option.

Accept the default location for the installation directories when prompted.

Select 1 to continue the installation.

Select 1 to configure now.

Answer the questions when prompted, making a note of the Server admin User ID (default "admin") and password, DN (default "cn=Directory Manager") and password.

When prompted about how you would like to populate the directory server with data, if you select 1 or 3, sample data will be automatically loaded. If you select 2 or 3, you must have an LDIF file on disk from which data can be loaded.

After answering all the questions, select 1 to Install the Java Enterprise System Directory Server.

View the installation summary and verify everything is correct.

Download Directory Server patch

Note: This is only necessary if you have an older installation of Sun ONE Directory Server and need to update it. If you have just completed the full installation, you will be up to date and no patches are required.

  • On the web page listing your selection results, click "Directory Server 5 2005Q4 (5.2 Pg) PKG Patch".
  • Select "Download Patch: HTTP" and save to disk.

Uncompress as follows:

unzip patchname.zip

For example:

unzip 115615-28.zip

This will create a directory named patchname, for example 115615-28.

Add the patch:

patchadd /var/spool/patch/115615-28

Starting and stopping the server

The start-slapd and stop-slapd scripts must run with the same UID and GID as the Directory Server. For example, if the Directory Server runs as nobody, you must run the start-slapd and stop-slapd utilities as nobody.

Starting the server:

/usr/sbin/directoryserver start

or

ServerRoot/slapd-serverID/start-slapd

Example:

/var/opt/mps/serverroot/slapd-fubar/start-slapd

Stopping the server:

/usr/sbin/directoryserver stop

or

ServerRoot/slapd-serverID/stop-slapd

Example:

/var/opt/mps/serverroot/slapd-fubar/stop-slapd

Configuration

Configuration information is stored in ServerRoot/slapd-serverID/config/dse.ldif

Example: /var/opt/mps/serverroot/slapd-fubar/config/dse.ldif

As the filename suggests, it is in LDAP Data Interchange Format (LDIF).

Schema

The schema definition is stored in multiple files in ServerRoot/slapd-serverID/config/schema

Example: /var/opt/mps/serverroot/slapd-fubar/config/schema

These files are in the LDAP Data Interchange Format (LDIF).