LDAP setup for local testing

Version 2

    This article describes a quick way to set up and populate an LDAP server for local testing with GateIn portal. Example portal configurations with LDAP can be found in other articles. OpenDS is used as an example here, but other good solutions are available, including Apache Directory Server, OpenLDAP and 389 Directory Server.


    OpenDS Configuration

     

    • Download OpenDS
    • Unzip and install using the command line or the GUI setup: simply run the "OpenDS/setup" script. Keep the default root DN and do not populate the directory. All examples use the simple password "password". Console output below:

     

    $ unzip -q OpenDS-2.2.0.zip
    $ cd OpenDS-2.2.0
    $ ./setup --cli

    OpenDS Directory Server 2.2.0
    Please wait while the setup program initializes...

    What would you like to use as the initial root user DN for the Directory
    Server? [cn=Directory Manager]:
    Please provide the password to use for the initial root user: password
    Please re-enter the password for confirmation: password

    On which port would you like the Directory Server to accept connections from
    LDAP clients? [1389]:

    On which port would you like the Administration Connector to accept
    connections? [4444]:

    What do you wish to use as the base DN for the directory data?
    [dc=example,dc=com]:
    Options for populating the database:

        1)  Only create the base entry
        2)  Leave the database empty
        3)  Import data from an LDIF file
        4)  Load automatically-generated sample data

    Enter choice [1]: 1

    Do you want to enable SSL? (yes / no) [no]:

    Do you want to enable Start TLS? (yes / no) [no]:

    Do you want to start the server when the configuration is completed? (yes /
    no) [yes]: no


    Setup Summary
    =============
    LDAP Listener Port:            1389
    Administration Connector Port: 4444
    LDAP Secure Access:            disabled
    Root User DN:                  cn=Directory Manager
    Directory Data:                Create New Base DN dc=example,dc=com.
    Base DN Data: Only Create Base Entry (dc=example,dc=com)

    Do not start Server when the configuration is completed


    What would you like to do?

        1)  Setup the server with the parameters above
        2)  Provide the setup parameters again
        3)  Cancel the setup

    Enter choice [1]:

    Configuring Directory Server ..... Done.
    Creating Base Entry dc=example,dc=com ..... Done.

    See /var/folders/Qf/Qf6bPQNGF+qwQ-3WGMTfEU+++TI/-Tmp-/opends-setup-8461612894216799799.log for a detailed log of this operation.

    To see basic server configuration status and configuration you can launch OpenDS-2.2.0/bin/status

     

    • Start the server: $ ./bin/start-ds
    • A GUI tool can be used to control the server: $ ./bin/status


    Populate LDAP

     

    Most servers come with a set of tools to perform LDAP operations. Standard LDAP commands (ldapmodify, ldapdelete, ...) are also available in most Linux distributions. In this example, the command-line tools provided with OpenDS are used. The LDIF file used below is attached to this article.

     

    Adding entries

    $ ./bin/ldapmodify -h localhost -p 1389 -D "cn=Directory Manager" -w password -a -f acme.ldif

    Processing ADD request for o=acme,dc=example,dc=com
    ADD operation successful for DN o=acme,dc=example,dc=com
    Processing ADD request for ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=admin,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=admin,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=user,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=user,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=jduke,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=jduke,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=jduke1,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=jduke1,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=jduke2,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=jduke2,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=jduke3,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=jduke3,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for uid=jduke4,ou=People,o=acme,dc=example,dc=com
    ADD operation successful for DN uid=jduke4,ou=People,o=acme,dc=example,dc=com
    Processing ADD request for ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for cn=admins,ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=admins,ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for cn=employees,ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=employees,ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for cn=echo,ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=echo,ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for cn=echo1,ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=echo1,ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for cn=theduke,ou=Roles,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=theduke,ou=Roles,o=acme,dc=example,dc=com
    Processing ADD request for ou=OrganizationUnits,o=acme,dc=example,dc=com
    ADD operation successful for DN ou=OrganizationUnits,o=acme,dc=example,dc=com
    Processing ADD request for cn=foo,ou=OrganizationUnits,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=foo,ou=OrganizationUnits,o=acme,dc=example,dc=com
    Processing ADD request for cn=bar,ou=OrganizationUnits,o=acme,dc=example,dc=com
    ADD operation successful for DN cn=bar,ou=OrganizationUnits,o=acme,dc=example,dc=com
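
    When the import is scripted, the output above can be checked mechanically instead of by eye. The following is an added example, not part of the original article or of OpenDS: the function name failed_adds and the sample output are constructed here, and the "ADD operation failed" line in the sample is an assumption that the check does not rely on.

```shell
#!/bin/sh
# Added example: confirm that every entry ldapmodify processed was added.
# It relies only on the two line shapes shown in the article's output:
#   Processing ADD request for <DN>
#   ADD operation successful for DN <DN>

# failed_adds: read ldapmodify output on stdin and print each DN that was
# processed but never confirmed. Exit status: 0 = all confirmed,
# 1 = at least one entry missing, 2 = no ADD request seen at all.
failed_adds() {
    awk '
        # Print the current DN if it never received a success line.
        function report() { if (cur != "" && !ok) { print cur; bad = 1 } }
        /Processing ADD request for / {
            report()
            sub(/^.*Processing ADD request for /, "")
            sub(/[ \t\r]+$/, "")
            cur = $0; ok = 0; seen++
            next
        }
        /ADD operation successful for DN / {
            sub(/^.*ADD operation successful for DN /, "")
            sub(/[ \t\r]+$/, "")
            if ($0 == cur) ok = 1
            next
        }
        END {
            report()
            if (!seen) exit 2
            exit bad
        }
    '
}

# Constructed sample output: the uid=admin entry has no success line.
sample_output() {
    cat <<'EOF'
Processing ADD request for o=acme,dc=example,dc=com
ADD operation successful for DN o=acme,dc=example,dc=com
Processing ADD request for ou=People,o=acme,dc=example,dc=com
ADD operation successful for DN ou=People,o=acme,dc=example,dc=com
Processing ADD request for uid=admin,ou=People,o=acme,dc=example,dc=com
ADD operation failed
Processing ADD request for ou=Roles,o=acme,dc=example,dc=com
ADD operation successful for DN ou=Roles,o=acme,dc=example,dc=com
EOF
}

# Demo on the constructed sample; prints the one unconfirmed DN.
sample_output | failed_adds || echo "import incomplete"
```

    Against a running server, pipe the real command into the function: ./bin/ldapmodify ... -a -f acme.ldif | failed_adds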

     

     

    Removing entry

    $ ./bin/ldapdelete -h localhost -p 1389 -D "cn=Directory Manager" -w password -x "o=acme,dc=example,dc=com"
    Processing DELETE request for o=acme,dc=example,dc=com
    DELETE operation successful for DN o=acme,dc=example,dc=com

    $ ./bin/ldapdelete -h localhost -p 1389 -D "cn=Directory Manager" -w password -x "o=gatein,dc=example,dc=com"

     

    LDAP GUI

     

    Apache Directory Studio is a very good GUI for LDAP, with binaries available for all major platforms. For people who don't like working on the command line, it supports importing from LDIF using "right click" and removing entries with the Del key.