Saturday, March 14, 2015

How to create an LDAP directory with Apache Directory Studio?

To start building an LDAP directory you need ApacheDS (the server) and Apache Directory Studio (the client and IDE) downloaded and installed.

You can download both from the ApacheDS and Apache Directory Studio project pages.
  • Open Apache Directory Studio.
  • From the bottom left corner click the 'Show view as a fast view' icon.
  • A drop-down menu appears. Select the view you want to add from it.
  • Go to the LDAP Servers section.
  • Click the New Server icon. The New LDAP Server window appears.
    Here I select the newest version and click Finish.
  • The ApacheDS 2.0.0 server is added, as shown in the image.
  • You can create as many LDAP servers as you want (New > New Server), selecting a version for each.

  • Select the created server and click the Run button to start it.
  • Create a connection to the server:
    Right click the server > Create a Connection. Give it any name you prefer.

(The default ApacheDS instance authenticates with the Bind DN 'uid=admin,ou=system' and the Bind password 'secret'. Every ApacheDS installation ships with these same credentials, so change the password before the server is reachable from anywhere but your own machine.)

  • Go to the Connections view and double-click the name of the connection you just created.
  • If it was created properly, you should see an outline of the Directory Information Tree (DIT) in the LDAP Browser.



  • Now you can create the structure of the directory as you want it to be.
  • Right click on the dc or ou node and select New > New Entry. The New Entry wizard appears.

  • In the Entry Creation Method window select the 'Create entry from scratch' radio button and click Next.

  • Find the organizationalUnit object class. Select it and click the Add button.
    Click Next.
  • In the RDN field type ou.
    In the value field type Groups.
    Click Next.
  • The Attributes window appears, showing the values you added.
    Click Finish.
  • ou=Groups is now displayed in the Browser pane.
  • To add ou=Users, repeat the same steps.

    Adding users

  • Right click the ou=Users entry. Select New > New Entry.
  • In the Entry Creation Method window select the 'Create entry from scratch' radio button and click Next.
  • Find the inetOrgPerson object class. Select it, then click the Add button.
    Click Next.
  • In the RDN field type cn. In the value field type the full name of the user you want to add (here, Kala Weerawardana).

  • Click Next. The Attributes window appears.
  • Under the sn attribute, enter Weerawardana (sn stands for surname; the person object class that inetOrgPerson builds on requires it).
  • We need to add a username for this user.
    Right-click in the same window and select New Attribute. The Attribute Type window appears.
  • In the 'Attribute type' field type uid (this will serve as the person's login name).
    Click Next, then click Finish.
  • You are taken back to the Attributes window.
  • For the uid attribute value, type kweerawardana.
  • Now we add a password for this user.
  • Right-click in the same window and select New Attribute. The Attribute Type window appears.
  • In the 'Attribute type' field type userPassword. This will serve as the person's password.
    Click Next, then click Finish.
  • You are asked to enter a password. Enter pass as the new password (a throwaway value for this sample; use a real one outside a sandbox).
  • In the Select Hash Method field, prefer a salted scheme such as SSHA over Plaintext or unsalted SHA. The value you pick here is exactly what gets stored in the directory (and what comes out in any LDIF export), and a plaintext or unsalted value is trivially recovered by anyone who can read the entry.
    Click OK.
  • A new entry is added under ou=Users: cn=Kala Weerawardana.
  • You can add more users by following the same steps.

Add the Authorization Levels

  • Right click the ou=Groups entry. Select New > New Entry.
  • In the Entry Creation Method window select the 'Create entry from scratch' radio button and click Next.
  • Find the groupOfUniqueNames object class. Select it, then click the Add button.
    Click Next.
  • In the RDN field type cn. In the value field type User.
    Click Next. The Attributes window appears.
  • There will already be a uniqueMember attribute, because groupOfUniqueNames requires at least one.
    One uniqueMember value represents one member.
  • If you have more members to add:
    Right-click in the same window and select New Attribute. The Attribute Type window appears.
  • In the Attribute type field enter uniqueMember.
    Click Next, then click Finish.
  • As the value of each uniqueMember, enter the full DN of the user.
    e.g. cn=Kala Weerawardana,ou=Users,dc=wso2,dc=com
  • Click Finish after adding all members.
  • A new entry is added under ou=Groups: cn=User.

If you want to add an admin group,
  • Right click the ou=Groups entry. Select New > New Entry.
  • In the Entry Creation Method window select the 'Create entry from scratch' radio button and click Next.
  • Find the groupOfUniqueNames object class. Select it, then click the Add button.
    Click Next.
  • In the RDN field type cn. In the value field type Admin.
    Click Next. The Attributes window appears.
  • Fill in the uniqueMember attribute(s) with the DNs of the admin users, following the previous steps. Keep this group small: whatever the consuming application maps the Admin group to, every DN listed here gets it.
  • Click Finish after adding all members.
  • A new entry is added under ou=Groups: cn=Admin.

* If you wish to work with tenants in a product, you can add ou=Tenants to this structure as well by following the same steps.
Having a separate ou=Tenants keeps the tenant creation flows from cluttering the rest of the directory structure.

You are now done with creating a sample structure :)


If you want to view the data in your structure, export it to an LDIF file.
  • Right click on your entry (the base entry, if you want the whole subtree).
  • Click Export > LDIF Export.
  • The Data To Export window pops up. Click Next.
  • Click the Browse button. Give a name and a location for the file.
  • Click Save.
    Click Finish.

You can also edit this file and apply the changes back to the directory with Import > LDIF Import. Note that the export contains the userPassword values as stored, so treat the file as sensitive.
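As an added example (not code from the original post or from the Apache Directory project), the Python script below produces the same structure the wizard steps above build: ou=Users, ou=Groups, an inetOrgPerson per user with a uid and a salted {SSHA} userPassword, and groupOfUniqueNames groups whose uniqueMember values are the users' DNs, written out as an LDIF file you could feed to Import > LDIF Import instead of clicking through the dialogs. It also shows how a stored {SSHA} value is verified (the salt travels inside the value), and it refuses to emit a group whose member DN does not match any user, a mistake the wizard does not catch. Assumptions: the base entry dc=wso2,dc=com already exists (it is the suffix in the post's example DN); the second user and all function names are made up for the example.

```python
import base64
import hashlib
import hmac
import os

# Assumption: the partition / base entry dc=wso2,dc=com (the suffix in the post's
# example DN) already exists on the ApacheDS instance.
BASE_DN = "dc=wso2,dc=com"


def ssha_hash(password, salt=None):
    """RFC 2307-style {SSHA} value: base64(sha1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(8)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password, stored):
    """Check a password against a stored {SSHA} value; the salt is the tail after the 20-byte digest."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def ldif_line(attr, value):
    """One LDIF attribute line; RFC 2849 requires 'attr:: <base64>' unless the value is a SAFE-STRING."""
    data = value.encode("utf-8")
    safe = (len(data) > 0
            and all(b < 128 and b not in (0, 10, 13) for b in data)  # ASCII, no NUL/LF/CR
            and data[0] not in b" :<" and data[-1] != 0x20)           # no leading ' ', ':' or '<'; no trailing ' '
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(data).decode('ascii')}"


def entry(dn, attrs):
    """Render one entry: the dn line followed by its (attribute, value) pairs."""
    return [ldif_line("dn", dn)] + [ldif_line(a, v) for a, v in attrs]


def norm_dn(dn):
    """Simplified DN normalisation for comparisons: trim around commas, fold case."""
    return ",".join(part.strip() for part in dn.split(",")).lower()


def user_entry(cn, sn, uid, password, salt=None):
    """inetOrgPerson entry as built in the post: cn RDN, mandatory sn, uid as login name, hashed userPassword."""
    dn = f"cn={cn},ou=Users,{BASE_DN}"
    attrs = [("objectClass", "inetOrgPerson"), ("cn", cn), ("sn", sn), ("uid", uid),
             ("userPassword", ssha_hash(password, salt))]
    return dn, entry(dn, attrs)


def group_entry(cn, member_dns, known_dns):
    """groupOfUniqueNames entry; uniqueMember is mandatory, and a dangling member DN is rejected too."""
    if not member_dns:
        raise ValueError(f"group {cn!r}: groupOfUniqueNames needs at least one uniqueMember")
    unknown = [m for m in member_dns if norm_dn(m) not in known_dns]
    if unknown:
        raise ValueError(f"group {cn!r}: uniqueMember DNs not under ou=Users: {unknown}")
    attrs = [("objectClass", "groupOfUniqueNames"), ("cn", cn)] + [("uniqueMember", m) for m in member_dns]
    return entry(f"cn={cn},ou=Groups,{BASE_DN}", attrs)


def build_ldif(users, groups):
    """Assemble ou=Users, ou=Groups, the users and the groups as one LDIF document."""
    blocks = [entry(f"ou={ou},{BASE_DN}", [("objectClass", "organizationalUnit"), ("ou", ou)])
              for ou in ("Users", "Groups")]
    known = set()
    for u in users:
        dn, lines = user_entry(**u)
        known.add(norm_dn(dn))
        blocks.append(lines)
    for g in groups:
        blocks.append(group_entry(g["cn"], g["members"], known))
    return "\n\n".join("\n".join(b) for b in blocks) + "\n"


# Constructed sample data: the first user is the one from the post, the second is invented.
SAMPLE_USERS = [
    {"cn": "Kala Weerawardana", "sn": "Weerawardana", "uid": "kweerawardana", "password": "pass"},
    {"cn": "Nimal Perera", "sn": "Perera", "uid": "nperera", "password": "pass"},
]
SAMPLE_GROUPS = [
    {"cn": "User", "members": [f"cn={u['cn']},ou=Users,{BASE_DN}" for u in SAMPLE_USERS]},
    {"cn": "Admin", "members": [f"cn=Kala Weerawardana,ou=Users,{BASE_DN}"]},
]

if __name__ == "__main__":
    print(build_ldif(SAMPLE_USERS, SAMPLE_GROUPS))
```

Running the script prints the LDIF to standard output; redirect it to a file and import that. Studio's own export may write userPassword in the base64 `userPassword::` form instead, and both spellings are valid LDIF. SSHA is used here because it is the salted scheme the wizard offers; if your server version supports a stronger salted scheme (SSHA-256 or a PBKDF2 variant), pick that in the Select Hash Method dialog instead.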

