...
To set up the directory service, perform the steps below:
- Stop any running instance of ApacheDS.
- Take a backup of server.xml:
/var/lib/apacheds-1.5.4/default/conf/server.xml
(Default path. If the DS instance was installed in a different location, server.xml is inside the directory at that location.)
- Modify server.xml by adding the line below within the <partitions> ... </partitions> tag:
<jdbmPartition id="fiorano" cacheSize="100" suffix="o=fiorano,c=US" optimizerEnabled="true" syncOnWrite="true"/>
- Run apacheds:
/etc/init.d/apacheds ... start
- Log in through Apache Directory Studio.
- User: uid=admin,ou=system. (Default)
- Password: secret. (Default)
- Import the LDIF content below using Apache Directory Studio. (Menu: LDAP -> New LDIF File)

```
dn: o=fiorano,c=us
objectclass: top
objectClass: organization
o: fiorano

dn: cn=FMQServerConfigFiles,o=fiorano,c=us
objectclass: top
objectClass: organizationalRole
cn: FMQServerConfigFiles

dn: cn=FioranoMQUsers,o=fiorano,c=us
objectClass: top
objectClass: organizationalRole
cn: FioranoMQUsers

dn: cn=FioranoMQGroups,o=fiorano,c=us
objectClass: top
objectClass: organizationalRole
cn: FioranoMQGroups

dn: cn=ACL,o=fiorano,c=US
objectclass: top
objectClass: organizationalRole
cn: ACL

dn: cn=FMQRoot,o=fiorano,c=us
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: FMQRoot
cn: system administrator
sn: administrator
displayname: Directory Superuser
userpassword:: c2VjcmV0
```

- Log in again through Apache Directory Studio to see the added children.
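
The `userpassword:: c2VjcmV0` line in the LDIF above is the base64 encoding of the default password `secret`, stored without a hash scheme. The following added example (not part of the Fiorano documentation) parses LDIF text and flags such entries before import; the function names and the `WEAK` list are illustrative assumptions.

```python
import base64

# Constructed sample: the FMQRoot entry from the LDIF on this page.
SAMPLE_LDIF = """\
dn: cn=FMQRoot,o=fiorano,c=us
objectClass: inetOrgPerson
cn: FMQRoot
sn: administrator
userpassword:: c2VjcmV0
"""
WEAK = {"secret", "password", "admin"}  # assumption: short illustrative list

def parse_ldif(text):
    """Return [(dn, {attr: [bytes]})]; decodes '::' base64 values and folded lines."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]  # RFC 2849 continuation line
        else:
            lines.append(raw)
    entries, cur = [], None
    for line in lines + [""]:  # trailing "" flushes the last entry
        if not line.strip():
            if cur:
                entries.append(cur)
            cur = None
            continue
        if line.startswith("#"):
            continue
        attr, _, rest = line.partition(":")
        value = base64.b64decode(rest[1:].strip()) if rest.startswith(":") else rest.strip().encode()
        if attr.lower() == "dn":
            cur = (value.decode(), {})
        elif cur:
            cur[1].setdefault(attr.lower(), []).append(value)
    return entries

def audit_passwords(text):
    """Flag userPassword values stored without a {SCHEME} prefix."""
    findings = []
    for dn, attrs in parse_ldif(text):
        for pw in attrs.get("userpassword", []):
            s = pw.decode("utf-8", "replace")
            if not (s.startswith("{") and "}" in s):
                findings.append((dn, "weak cleartext" if s.lower() in WEAK else "cleartext"))
    return findings
```

Run `audit_passwords()` over the LDIF file contents before importing; an empty list means every `userPassword` value carries a scheme prefix such as `{SSHA}`.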
7.9.2.2 Setting up the profile for use with ApacheDS 1.5.4
...
- After opening the profile in Fiorano Studio for offline editing and changing the Principal Manager implementation to LDAP as explained in section 7.5 Modifying Principal Manager Implementation, change the following node: Fiorano > security > PrincipalManager > LdapPrincipalManager
Figure: LDAP_Conf 1
For more information on the parameters shown in the above figure, please refer to the FioranoMQ Reference Guide.
Once FioranoMQ is configured to use LDAP to store users and groups and the server is started, it creates them sequentially. The following figure illustrates how the users and groups are stored in the LDAP provider.
Figure: LDAP_Browser 1
...
- After opening the profile in Fiorano Studio for offline editing and changing the ACL implementation to LDAP as explained in section 7.4 Modifying ACLManager Implementation, change the following node: Fiorano > security > AclManager > LdapBasedAclManager
Figure: LDAP_Conf 2
For more information on the parameters given in the above picture, please refer to the FioranoMQ Reference Guide.
Once FioranoMQ is configured to use LDAP to store Access Control Lists (ACLs) and the server is started, it sequentially creates the ACLs for each of the destinations. The figure below illustrates how the ACLs are stored in the LDAP provider:
Figure: LDAP_Browser 2