Creating The Ldap Structure (Based On Openldap) - Fujitsu PRIMERGY ServerView BX900 User Manual

Global User Management Configuring an openLDAP Server
To apply the changes just restart LDAP using the command:
# service ldap restart
In order to connect to the domain it is necessary to set up a base structure. This is done by using the ldapadd
command and an ldif configuration file. Because there is no sample configuration file in /etc/openldap/ you must
create one from scratch.
Create a new file named <my-name>.ldif, e.g. in this example testdomain2.ldif, open it with an editor of your choice
and create the following content:
dn: dc=<MY-DOMAIN>,dc=<COM>
objectclass: dcObject
objectclass: organization
o: <EXAMPLE ORGANISATION>
dc: <MY-DOMAIN>
dn: cn=<ACCOUNTNAME>,dc=<MY-DOMAIN>,dc=<COM>
objectclass: organizationalRole
cn: <ACCOUNTNAME>
Or as in the example:
dn: dc=testdomain2,dc=local
objectclass: dcObject
objectclass: organization
o: TestOrganization
dc: testdomain2
dn: cn=Manager,dc=testdomain2,dc=local
objectclass: organizationalRole
cn: Manager
The first part will create the base domain structure and the second part an administrator account.
After the file is saved the structure can be created by ldapadd using the following command:
# ldapadd -x -D "cn=<ACCOUNTNAME>,dc=<MY-DOMAIN>,dc=<COM>" -W -f example.ldif
Or as in the example:
# ldapadd -x -D "cn=Manager,dc=testdomain2,dc=local" -W -f testdomain2.ldif
After the base structure is created various LDAP browsers can be used to view and manage the domain (e.g.
phpLDAPadmin).

6.2.2 Creating the LDAP Structure (Based on openLDAP)

To permit the management blade to be accessed by means of an LDAP user, a particular structure consisting of
Organizational Units (OUs) and Groups must be set up. A sample configuration is described here.
The tool SVS_LDAPDeployer (v. 1.00.09209) can be used to create the structure. The tool can be used from any
system with network access to the openLDAP Server which has at least Java v1.5 installed.
The configuration file Generic_InitialDeploy.xml is included in the SVS_LDAPDeployer software package and
should be edited according to your specific needs before deploying the structure into the openLDAP directory.
The following sections should be edited:
– <DirectoryService> : Contains the IP and Port of the openLDAP Server.
– <DirectoryType> : Sets the type of LDAP directory, in this example Open LDAP.
– <root> : Contains the root level of your domain, e.g. for testdomain2.local "dc=testdomain2,dc=local".
– <username>: Contains the manager's user name in the notation "cn=Manager,dc=testdomain2,dc=local".
ServerView BX900 Management Blade 71