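# Start a throwaway ApacheDS container.
# The LDAP port is published on the loopback interface only: a bare
# "-p 10389:10389" makes Docker listen on every host interface, and this
# server accepts the default admin bind DN and password listed below.
# The image is referenced without a tag or digest, so the registry decides
# which build runs; pin a tag or digest when the setup must be repeatable.
docker run -d --rm --name apacheds -p 127.0.0.1:10389:10389 greggigon/apacheds
# Open an interactive shell inside the container...
docker exec -ti apacheds bash
# ...and, from that shell, list the container's processes.
ps -ef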
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 18:48 ? 00:00:00 /bin/bash /usr/local/bin/apacheds.sh
apacheds 93 1 0 03:40 ? 00:00:01 /opt/apacheds-2.0.0_M24/bin/wrapper /var/lib/apacheds-2.0.0_M24/default/conf/wrapper-instance.conf set.INSTANCE_DIRECTORY=/var/lib/apacheds-2.0.0_M24/default set.A
apacheds 95 93 1 03:40 ? 00:00:10 java -Dlog4j.configuration=file:////var/lib/apacheds-2.0.0_M24/default/conf/log4j.properties -Dapacheds.var.dir=/var/lib/apacheds-2.0.0_M24/default -Dapacheds.log.
binaries are in /opt/apacheds-2.0.0_M24/ , logs in /var/lib/apacheds-2.0.0_M24/default/log/apacheds.log
You can bind with the default ApacheDS administrator DN:
uid=admin,ou=system
with the default password (change it if the port is reachable from anything other than localhost):
secret
this should give you ldapmodify :
sudo yum install openldap-clients
You can connect with ldapmodify https://cwiki.apache.org/confluence/display/DIRxSRVx10/2.2.2.+Command+line+tools
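# Interactive ldapmodify session: LDIF change records are read from stdin.
# -x asks for a simple bind; without it the OpenLDAP client tools attempt a
# SASL bind, in which case -D/-w are presumably not used the way intended here.
# -w places the password in the process list and shell history. That is
# tolerable for the well-known default on a local lab container; for any other
# directory use -W (prompt) or -y <password-file> instead.
ldapmodify -x -p 10389 -h 127.0.0.1 -D "uid=admin,ou=system" -w secret

# search all
ldapsearch -x -h 127.0.0.1 -p 10389 -D "uid=admin,ou=system" -w secret "(objectClass=*)"

# search only one domain
ldapsearch -x -h 127.0.0.1 -p 10389 -D "uid=admin,ou=system" -w secret -b 'dc=example,dc=com' '(objectclass=*)'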
(see page 312 of the "Wildfly Configuration Deployment Administration 2nd Edition" book)
Here is a sample LDIF file, followed by the command to import it:
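# Import example.ldif: -a adds the entries, -f names the input file.
# -x asks for a simple bind so that -D/-w are used (the OpenLDAP client tools
# otherwise attempt SASL). -w exposes the password in the process list and
# shell history; outside a local lab prefer -W (prompt) or -y <password-file>.
ldapmodify -x -p 10389 -h 127.0.0.1 -D "uid=admin,ou=system" -w secret -a -f example.ldif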
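# example.ldif - one attribute per line, entries separated by a blank line.
dn: dc=example,dc=com
objectclass: top
objectclass: dcObject
objectclass: organization
dc: example
o: MCC

dn: ou=People,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: People

# Sample account: userPassword is given in cleartext here. Replace the value
# (and check how the server stores it) before reusing this entry outside a lab.
dn: uid=admin,ou=People,dc=example,dc=com
objectclass: top
objectclass: uidObject
objectclass: person
uid: admin
cn: Manager
sn: Manager
userPassword: secret

dn: ou=Roles,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Roles

dn: cn=Manager,ou=Roles,dc=example,dc=com
objectClass: top
objectClass: groupOfNames
cn: Manager
description: the JBossAS7 group
member: uid=admin,ou=People,dc=example,dc=com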
You can download jxplorer (see https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=29757) , login as "uid=admin,ou=system" password secret, then Tool/Import
I am using now Apache Directory Studio, it seems more advanced than jxplorer.
https://cwiki.apache.org/confluence/download/attachments/29756/apache_ds_tutorial.ldif?version=1&modificationDate=1164515728000&api=v2&download=true
but it fails.... totally broken it seems...
Better start reading the ApacheDS Basic User Guide http://directory.apache.org/apacheds/basic-user-guide.html
LDAP basic tutorial
let me quickly say that LDAP SUCKS big time, this technology is Stone-Age old and pathetically complex and brittle.
http://directory.apache.org/apacheds/basic-ug/1.4.3-adding-partition.html how to add a partition o=sevenSeas
Excellent basic intro to LDAP concepts https://www.digitalocean.com/community/tutorials/understanding-the-ldap-protocol-data-hierarchy-and-entry-components
Complete code to connect to LDAP and run a query
package org.pierre.pvldapconnect;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;
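/**
 * Minimal JNDI example: performs a simple bind against a local ApacheDS
 * instance and prints the {@code sn} and {@code cn} attributes of the person
 * entries under {@code dc=example,dc=com} whose {@code cn} matches a name.
 */
public class LDAPConnect {

    /**
     * Bind password used when the LDAP_BIND_PASSWORD environment variable is
     * not set. This is the default administrator password of the lab server
     * and must not be relied on outside a local test container.
     */
    private static final String LAB_DEFAULT_PASSWORD = "secret";

    /**
     * Connects, runs one subtree search and prints every result.
     *
     * @param args unused
     * @throws Exception if the bind or the search fails
     */
    public static void main(String[] args) throws Exception {
        // Take the secret from the environment when provided, so it does not
        // have to live in source control; fall back to the lab default.
        String bindPassword = System.getenv("LDAP_BIND_PASSWORD");
        if (bindPassword == null) {
            bindPassword = LAB_DEFAULT_PASSWORD;
        }

        // Build a hashtable containing all the necessary configuration parameters.
        Hashtable<String, String> environment = new Hashtable<String, String>();
        environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // A "simple" bind over plain ldap:// sends the DN and password
        // unencrypted. Keep this to loopback; use ldaps:// or StartTLS for
        // any connection that crosses a network.
        environment.put(Context.PROVIDER_URL, "ldap://localhost:10389");
        environment.put(Context.SECURITY_AUTHENTICATION, "simple");
        environment.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
        environment.put(Context.SECURITY_CREDENTIALS, bindPassword);

        // Connect to LDAP (the bind happens here).
        DirContext context = new InitialDirContext(environment);
        try {
            System.out.println("Connected..");
            // Print only the server URL. context.getEnvironment() also holds
            // Context.SECURITY_CREDENTIALS, so dumping it would write the
            // bind password to stdout and to any log that captures it.
            System.out.println(environment.get(Context.PROVIDER_URL));

            // Search filter with a placeholder. The previous literal
            // "(&(objectClass=person) ((cn=\"...\")))" is not a valid RFC 4515
            // filter (stray space, doubled parentheses, quoted value).
            // Passing the value through filterArgs lets JNDI escape filter
            // metacharacters, which matters as soon as the name is user input.
            String filterExpr = "(&(objectClass=person)(cn={0}))";
            Object[] filterArgs = { "pierluigivernetto" };

            // Limit returned attributes to those we care about.
            String[] attrIDs = { "sn", "cn" };
            SearchControls ctls = new SearchControls();
            ctls.setReturningAttributes(attrIDs);
            ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            // Search for objects using filter and controls.
            final String ldapSearchBase = "dc=example,dc=com";
            NamingEnumeration<SearchResult> answer =
                    context.search(ldapSearchBase, filterExpr, filterArgs, ctls);
            try {
                while (answer.hasMore()) {
                    SearchResult result = answer.next();
                    System.out.println(result.toString());
                }
            } finally {
                // Release the enumeration even if iteration throws.
                answer.close();
            }
        } finally {
            // Always unbind and close the connection.
            context.close();
        }
    }
}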