Introduction
The recent JNDI article and an upcoming JAAS article require an LDAP server. This tutorial walks through the basic details of reproducing the OpenLDAP server used in those two articles.
OpenLDAP, the Sun LDAP Server, and IBM Directory Server all started out from the same University of Michigan code base. Each of them runs a slapd process that makes up the "LDAP Server". There are probably other variants of this code base in circulation.
This is by no means an exhaustive tutorial; www.openldap.org has excellent documentation. This post gives enough information to recreate the LDAP database used in recent examples on Thinkmiddleware.com.
Instructions
This is not an exhaustive walkthrough, but it should get the adventurous moving in the right general direction.
- Download, compile, and install the most recent OpenLDAP source tree from www.openldap.org, following the instructions in the Quick Start guide [3].
- This should have created an LDAP database whose configuration files live under /usr/local/etc/openldap. The Java and inetOrgPerson schemas need to be added to the new LDAP database; add the following include lines to slapd.conf in that directory:
- include /usr/local/etc/openldap/schema/java.schema
- include /usr/local/etc/openldap/schema/core.schema
- include /usr/local/etc/openldap/schema/cosine.schema
- include /usr/local/etc/openldap/schema/inetorgperson.schema
- The slapd.conf file used in the articles on this site contains the following database definition:
- database bdb
- suffix "dc=thinkmiddleware,dc=com"
- rootdn "cn=Manager,dc=thinkmiddleware,dc=com"
- Create a start command called /usr/local/bin/startLdap that contains the following:

#!/bin/bash
# Trace each command as it runs, then start slapd as root (it binds to port 389).
set -x
su root -c /usr/local/libexec/slapd

- You can then start the LDAP Server by running startLdap.
- Verify that a slapd process is running with "ps -ef | grep slapd".
- Verify that something is listening on port 389 with "netstat -an | grep 389".
- Create an addUser.sh script that contains the following:

#!/bin/bash
# Usage: ./addUser.sh <user-number> <manager-password>
# Adds the entry in <user-number>.ldif, binding as the rootdn with a simple bind (-x).
PASSWORD=$2
ldapadd -x -D "cn=Manager,dc=thinkmiddleware,dc=com" -w "${PASSWORD}" -f "$1.ldif"

- Create a script called loadUsers.sh that contains the following:

#!/bin/bash
# Creates TOTAL users by stamping dummy.ldif with a user number and adding each one.
COUNT=0
TOTAL=5000
echo "Password: "
read -s PASSWORD   # -s: do not echo the Manager password to the terminal
while [ $COUNT -lt $TOTAL ]
do
  COUNT=$((COUNT + 1))
  echo "Adding user $COUNT"
  # Copy the template and replace every occurrence of "dummy" with the user number
  cp dummy.ldif $COUNT.ldif
  sed "s/dummy/$COUNT/g" $COUNT.ldif > $COUNT.ldif.tmp
  mv $COUNT.ldif.tmp $COUNT.ldif
  ./addUser.sh $COUNT $PASSWORD
  rm $COUNT.ldif
done

- Create a file called dummy.ldif, which contains the following:

dn: cn=dummy,ou=Users,dc=thinkmiddleware,dc=com
objectClass: inetOrgPerson
cn: dummy
sn: dummy
mail: 01@thinkmiddleware.com
userPassword: secret

- Using the LDAP Browser mentioned in the JNDI tutorial [2], add a new organizational unit, "ou=Users", under the "dc=thinkmiddleware,dc=com" branch.
- Create 5000 users under "ou=Users,dc=thinkmiddleware,dc=com" by running loadUsers.sh. Note that this creates 5000 separate LDIF (LDAP Data Interchange Format) files, but deletes each LDIF file at the end of its iteration.
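The slapd.conf fragment above shows only the database, suffix and rootdn lines. The following is an added example of a minimal database section, not the article's own file: the Manager password is stored as a slappasswd hash rather than in cleartext, userPassword can be used for binding but read by nobody else, and the rest of the tree stays readable so the JNDI and JAAS examples can still search it. The {SSHA} value is a placeholder to be replaced with real slappasswd output, and core.schema is included first because cosine and inetOrgPerson build on it.

```conf
# Added example, not the article's slapd.conf.
# Schemas: core first, since the others depend on it.
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/java.schema

database        bdb
suffix          "dc=thinkmiddleware,dc=com"
rootdn          "cn=Manager,dc=thinkmiddleware,dc=com"
# Placeholder: paste the output of  slappasswd -s <password>  here,
# never a cleartext password.
rootpw          {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Each user may change only their own password; anyone may bind with it
# (auth), but nobody can read the stored values.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Everything else remains readable, as the JNDI and JAAS examples expect.
access to *
        by * read
```

Without the two access directives slapd falls back to its default of letting everyone read every attribute, which includes the userPassword values loaded by loadUsers.sh.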
The 5000 users are named 1, 2, ..., 4999, 5000. The password for each is "secret"; for anything important, a different password is recommended. The Distinguished Name of each user is "cn=####,ou=Users,dc=thinkmiddleware,dc=com", where #### = 1, 2, ..., 4999, 5000.
At this point, an LDAP database that can be used with the example code in the JNDI and JAAS articles has been created.
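The same set of users can be loaded in a single ldapadd run. The script below is an added example and is not part of the original post: it generates the entry text in the shell instead of copying and editing dummy.ldif once per user, numbers the mail attribute per user (the template gives every user the same 01@ address, since sed only replaces "dummy"), and lets ldapadd prompt for the Manager password (-W) so it never appears on a command line. It assumes the article's suffix, rootdn and ou=Users branch; the password argument may be the cleartext "secret" or an {SSHA} hash produced by slappasswd.

```shell
#!/bin/bash
# Added example, not from the original post. Generates the 5000 user entries
# as one LDIF stream and loads them with a single ldapadd run.
# Assumes the article's suffix, rootdn and ou=Users branch.
set -eu

BASE_DN="ou=Users,dc=thinkmiddleware,dc=com"
ROOT_DN="cn=Manager,dc=thinkmiddleware,dc=com"

# Print the LDIF entry for user number $1 with password value $2.
# $2 may be cleartext (as in dummy.ldif) or a {SSHA} hash from slappasswd.
# The mail attribute is numbered so that the entries do not all share 01@.
user_ldif() {
    local n="$1" pw="$2"
    printf 'dn: cn=%s,%s\n' "$n" "$BASE_DN"
    printf 'objectClass: inetOrgPerson\n'
    printf 'cn: %s\n' "$n"
    printf 'sn: %s\n' "$n"
    printf 'mail: %s@thinkmiddleware.com\n' "$n"
    printf 'userPassword: %s\n\n' "$pw"
}

# Print entries 1..$1 as one stream (entries separated by a blank line).
all_users_ldif() {
    local total="$1" pw="$2" i=1
    while [ "$i" -le "$total" ]; do
        user_ldif "$i" "$pw"
        i=$((i + 1))
    done
}

# Count the entries in an LDIF stream read from stdin.
count_ldif_entries() {
    grep -c '^dn: ' || true
}

# Load everything with one bind. -W makes ldapadd prompt for the Manager
# password on the terminal, so it is not visible in the process list;
# -c continues past an entry that already exists instead of stopping.
load_users() {
    local total="${1:-5000}" pw="${2:-secret}"
    all_users_ldif "$total" "$pw" | ldapadd -x -D "$ROOT_DN" -W -c
}

# Usage: ./loadUsersBulk.sh 5000 "$(slappasswd -s secret)"
# Uncomment the next line to run the load when the script is executed:
# load_users "$@"
```

Passing slappasswd output as the second argument stores the users' passwords hashed from the start; the article's dummy.ldif stores "secret" exactly as written, and slapd keeps whatever value it is given.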
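A check of that end state, added here as an example that is not part of the original post: it searches ou=Users on localhost over an anonymous simple bind (the article's slapd.conf has no access directives, so slapd allows anonymous reads by default) and confirms that every returned DN has the cn=<number>,ou=Users,dc=thinkmiddleware,dc=com shape and that the count matches. The parsing is kept in its own function so it can be exercised on captured ldapsearch output; the host, port and expected count are assumptions.

```shell
#!/bin/bash
# Added example, not from the original post. Verifies the users created by
# loadUsers.sh. Assumes slapd on localhost:389 with the article's suffix.
set -eu

BASE_DN="ou=Users,dc=thinkmiddleware,dc=com"

# Read ldapsearch LDIF output on stdin and print "<ok> <bad>", where ok is the
# number of dn lines of the form cn=<number>,<BASE_DN> and bad is the number of
# dn lines with any other shape (for example a leftover cn=dummy entry).
check_user_dns() {
    awk -v base="$BASE_DN" '
        /^dn: / {
            if ($0 ~ ("^dn: cn=[0-9]+," base "$")) ok++; else bad++
        }
        END { printf "%d %d\n", ok + 0, bad + 0 }'
}

# Succeed only if the directory holds exactly $1 well-formed user entries
# and nothing else under ou=Users. -LLL strips comments and version lines
# so the output is plain LDIF; only the dn attribute is requested.
verify_users() {
    local expected="${1:-5000}" result ok bad
    result="$(ldapsearch -x -LLL -H ldap://localhost:389 -b "$BASE_DN" \
        '(objectClass=inetOrgPerson)' dn | check_user_dns)"
    ok="${result% *}"
    bad="${result#* }"
    echo "matching entries: $ok, unexpected entries: $bad" >&2
    [ "$ok" -eq "$expected" ] && [ "$bad" -eq 0 ]
}

# Usage: ./verifyUsers.sh 5000   (uncomment to run)
# verify_users "$@"
```

If ldapsearch cannot reach the server the pipeline still returns "0 0" from the parser, so the final comparison fails rather than silently passing.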
References
[1] http://www.openldap.org
[2] http://www.mcs.anl.gov/~gawor/ldap/
[3] http://www.openldap.org/doc/admin24/quickstart.html