OpenLDAP configuration brought to Apache Directory Studio

1
Emmanuel Lécharny
Apache Software Foundation member
Chairman of MINA project
PMC of Apache Directory Project
elecharny@apache.org / elecharny@symas.com
Apache Directory Studio

4
OpenLDAP configuration

slapd.conf
Or

cn=config/

5
slapd.conf

# See slapd.conf(5) for details on configuration options.
include     "/opt/symas/etc/openldap/schema/core.schema"
pidfile     "/var/symas/run/slapd.pid"
argsfile    "/var/symas/run/slapd.args"

# Choose the directory for loadable modules.
modulepath  "/opt/symas/lib/openldap"
# Load dynamic backend modules:
moduleload  back_hdb.la
moduleload  back_monitor.la

# Sample hdb database definitions
database    hdb
suffix      "dc=example,dc=com"
rootdn      "dc=example,dc=com"
rootpw      secret

# Indices to maintain
index default eq
index objectClass
index cn
directory     "/var/symas/openldap-data/example"
cachesize     5000
idlcachesize  5000
checkpoint    512 60

database    monitor

6
cn=config
dn: cn=config
olcWriteTimeout: 0
olcTLSCRLCheck: none
olcConnMaxPendingAuth: 1000
olcIndexIntLen: 4
olcIdleTimeout: 0
olcIndexHash64: FALSE
olcAttributeOptions: lang-
olcConfigDir: etc/openldap/slapd.d
olcIndexSubstrAnyStep: 2
olcPidFile: /var/symas/run/slapd.pid
...

dn: cn=schema
structuralObjectClass: olcSchemaConfig
createTimestamp: 20131117072024.982Z
olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2
olcObjectIdentifier: OLcfgAt OLcfg:3
olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
olcObjectIdentifier: OLcfgOc OLcfg:4
...

dn: olcDatabase={1}hdb
olcDbShmKey: 0
olcDbConfig: {0}#
olcDbConfig: {1}# DB_CONFIG file for example database
olcDbConfig: {2}#
olcDbConfig: {3}# IMPORTANT
olcDbConfig: {4}# Changes will automatically take effect after slapd is restarted.
...

7
Why cn=config ?

Configuration in LDAP
Can be replicated
Allows dynamic configuration
Protects against misconfigurations

8
But...

People keep using vi/Emacs
More complex than slapd.conf
You have to use ldapadd/ldapmodify/ldapdelete
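
The slapd.conf slide stores rootpw as the cleartext value "secret"; under cn=config, replacing it is an ldapmodify operation on the database entry. The following is an added example, not code from the talk or from Apache Directory Studio: it parses slapd.conf, finds cleartext rootpw values and writes the LDIF change record. The function names, the new passphrase and the full DN suffix ",cn=config" are assumptions of the example, as is the numbering of databases in file order starting at {1}, which matches the {1}hdb entry on the cn=config slide.

```python
import base64, hashlib, hmac, os, re

# Constructed sample modelled on the slapd.conf slide; not a real deployment.
SAMPLE_SLAPD_CONF = """\
database  hdb
suffix    "dc=example,dc=com"
rootdn    "dc=example,dc=com"
rootpw    secret
database  monitor
"""
SCHEME = re.compile(r"^\{[A-Za-z0-9_-]+\}")  # e.g. {SSHA}; absent means cleartext

def parse_databases(text):
    """Return one dict of directives per 'database' section, in file order."""
    logical = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and raw.strip() and logical:
            logical[-1] += " " + raw.strip()   # leading whitespace = continuation
        elif raw.strip() and not raw.startswith("#"):
            logical.append(raw.strip())
    dbs = []
    for line in logical:
        key, value = (line.split(None, 1) + [""])[:2]
        if key.lower() == "database":
            dbs.append({"type": value})
        elif dbs:
            dbs[-1][key.lower()] = value.strip('"')
    return dbs

def ssha(password, salt=None):
    """Salted SHA-1 in the {SSHA} format that slappasswd emits by default."""
    salt = salt if salt is not None else os.urandom(4)
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def verify_ssha(hashed, password):
    """Recompute the digest with the stored salt and compare in constant time."""
    raw = base64.b64decode(hashed[len("{SSHA}"):])
    expected = hashlib.sha1(password.encode() + raw[20:]).digest()
    return hmac.compare_digest(raw[:20], expected)

def rootpw_fixes(conf_text, new_password):
    """LDIF modify records for each database whose rootpw is cleartext."""
    records = []
    # Assumption: user databases become {1}, {2}, ... in slapd.conf order.
    for n, db in enumerate(parse_databases(conf_text), start=1):
        pw = db.get("rootpw")
        if pw is not None and not SCHEME.match(pw):
            records.append(f"dn: olcDatabase={{{n}}}{db['type']},cn=config\n"
                           "changetype: modify\nreplace: olcRootPW\n"
                           f"olcRootPW: {ssha(new_password)}\n")
    return records
```

The record returned by rootpw_fixes() is the input that ldapmodify expects; the cleartext value found in slapd.conf is treated as exposed, so a new passphrase is hashed rather than the old one.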

9
But...
« It is of course possible for a careful, clueful admin to edit the files by hand without breaking anything. »

« But let's face it, the majority of people out there, and particularly the people having problems that drive them to post on this mailing list, are neither careful enough nor clueful enough to qualify for these activities. »

10
Let's use Studio !

11
OpenLDAP configuration plugin

Don't have to lecture people who use text editors
Config for dummies (almost)
Many controls done by the plugin
« smart » editors

12
Backend configuration

13
HDB configuration

14
Replication configuration

15
Options configuration

16
What's next ?

Polish the editors
Make it work with slapd.conf
Add the missing elements
Manage versions

Release it !!!
17
Thanks!
