6

How to install and configure LDAP server?

Step by StepWhat is LDAP?
“LDAP stands for Lightweight Directory Access Protocol used for accessing and maintaining distributed directory information services over an Internet Protocol network.”

Why is LDAP used?
LDAP is used for accessing a directory which can consist of a set of objects, users, groups, login, passwords, permissions etc. Its practical use is more in terms of authentication and access control mechanism. LDAP also provides add, delete, search, modify operations. LDAP is not considered as a standard relational database.
LDAP stores the attribute based data and they are generally read specific data. The entries in LDAP are maintained in tree like structure Directory Information Tree (DIT).

OpenDS is simple Java based open source directory service software which implements LDAP. In today’s series we will explore this product for demonstration of the LDAP server.
Let’s try to do a hands on exercise on how to install and configure OpenDS.
Step 1:
OpenDS software can be downloaded from https://opends.java.net/ link the OpenDS2.2 version.
Install OpenDS2.2 by clicking “setup.bat”.
Step 2:
Click the option “Install new server instance”.
Step 3:
Under Server Settings option Add the Host name matches the host name mentioned the config file of your application server. In this case we will use “localhost”. Fill up rest of the details along with the password.

 

Opends Server Settings

OpenDS Server Settings

Step 4:
In case of Topology option select this as a Standalone server.
Step 5:
Leave the default options of Directory base DN to dc=example, dc=com
Step 6:
Review and Finish
Step 7:
Launch Control Panel.
You can launch the control panel from the Finish Wizard or you can go to directory OpenDS\bat and execute the command control-panel.bat.
Step 8:
The control-panel.bat will open the Directory server control panel.

OpenDS Control Panel

OpenDS Control Panel

Step 9:
Add users – To add users in the LDAP directory click on Manage Entries option.

 

Manage Entries Panel

Manage Entries Panel

Step 10:
Right click on the dc=example, dc=com to add New User

Step 11:
In the New User panel add the details of the new user.
In this case the common name is admin.

New User Panel

New User Panel

We can also create a new group by using the New Group option and assign the created users to this group.

 

New Group

New Group

Terminologies:
dn – Each entry in the LDAP will have an unique identifier or distinguished name (DN).
cn – Common Name
sn – Surname
dc – Domain Component
ou – Organisational Unit
o – Organisation
st – State
l – Location
c – Country

LDAP Tree structure

LDAP Tree structure

We can also try various other LDAP servers available in the market including Active Directory (Microsoft), Apache Directory Server, IBM Tivoli Directory Server, OpenDJ, OpenLDAP among others.

In our next series we will try to explore how to use the LDAP server from JEE applications and apply security features in JEE based web application. Keep watching this space.

 

Filed in: Java, Random, Servers, Tools Tags: , , , , , , , , , , , , , , , ,

Get Updates

Share This Post

Related Posts

6 Responses to "How to install and configure LDAP server?"

  1. I suggest you take a look at OpenDJ, which is the only actively developed branch issued from OpenDS : http://opendj.forgerock.org/

    • IdioTechie says:

      Thanks Ludovic. Yeh Oracle is supporting OpenDJ Forgerock which has been built on top of OpenDS which was earlier supported by SUN microsystems.

      • Excuse me if I’m pedantic, but Oracle is not supporting OpenDS nor OpenDJ. They’ve let die the project silently by pulling out all resources and no letting anybody else have the right to commit.
        OpenDJ is the continuation of OpenDS, by some of the same people who had developed it at Sun Microsystems. And OpenDJ is supported by ForgeRock and a wider community.
        Regards.

  2. Bhavya@ IBM Server says:

    Thanks! for the guide. It was really helpful.

Leave a Reply

Submit Comment

© 2014 IdioTechie. All rights reserved.