LDAP Configuration (continued)
h) Click OK. When you return to the Attribute Editor page, the permission entry now reflects the new permissions:
i) Click Apply to save the change and complete the procedure.
j) Repeat Step 3 (Edit Active Directory Users With the Extended Schema) for any other users you wish to add.

OpenLDAP Server

OpenLDAP is an open source LDAP server designed for UNIX platforms. A Windows version can be downloaded from:
http://download.bergmans.us/openldap/openldap-2.2.29/openldap-2.2.29-db-4.3.29-openssl-.9.8awin32_Setup.exe.

OpenLDAP Server Installation

After downloading the program, launch the installer, select your language, accept the license and choose the target installation directory. The default directory is:
c:\Program Files\OpenLDAP.
When the Select Components dialog box appears, select install BDB-tools and install OpenLDAP-slapd as NT service, as shown in the diagram:

OpenLDAP Server Configuration

The main OpenLDAP configuration file, slapd.conf, has to be customized before launching the server. The modifications to the configuration file will do the following:
• Specify the Unicode data directory. The default is ./ucdata.
• Choose the required LDAP schemas. The core schema is mandatory.
• Configure the path for the OpenLDAP pid and args start up files. The first contains the server pid, the second includes command line arguments.
• Choose the database type. The default is bdb (Berkeley DB).
• Specify the server suffix. All entries in the directory will have this suffix, which represents the root of the directory tree. For example, with suffix dc=tripplite,dc=com, the fully qualified name of all entries in the database will end with dc=tripplite,dc=com.
• Define the name of the administrator entry for the server (rootdn), along with its password (rootpw). This is the server's super user. The rootdn name must match the suffix defined above, since all entry names must end with the defined suffix and the rootdn is an entry.
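
The following check is an added example, not part of the original manual. It reads a slapd.conf and reports any of the settings listed above that are missing, a rootdn that does not end with the suffix, and a rootpw stored without a hash scheme prefix. The sample file contents, the cn=Manager entry name and the function names are constructed for illustration.

```python
import re

# Constructed sample slapd.conf (not from the manual); the rootdn is wrong on purpose.
SAMPLE_CONF = '''
ucdata-path ./ucdata
include     ./schema/core.schema
pidfile     ./run/slapd.pid
argsfile    ./run/slapd.args
database    bdb
suffix      "dc=tripplite,dc=com"
rootdn      "cn=Manager,dc=example,dc=com"
rootpw      secret
'''

REQUIRED = ("ucdata-path", "pidfile", "argsfile", "database", "suffix", "rootdn", "rootpw")

def parse_directives(text):
    """Map each directive name to its list of values; comments are skipped."""
    found = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        found.setdefault(parts[0].lower(), []).append(value)
    return found

def normalize_dn(dn):
    """Lower-case a DN and drop spaces around commas (escaped commas not handled)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def audit(text):
    """Return a list of findings for the settings the manual asks you to edit."""
    conf = parse_directives(text)
    findings = [f"missing directive: {name}" for name in REQUIRED if name not in conf]
    includes = [v.replace("\\", "/") for v in conf.get("include", [])]
    if not any(v.endswith("core.schema") for v in includes):
        findings.append("core schema is not included")
    if "suffix" in conf and "rootdn" in conf:
        suffix, rootdn = normalize_dn(conf["suffix"][0]), normalize_dn(conf["rootdn"][0])
        if rootdn != suffix and not rootdn.endswith("," + suffix):
            findings.append("rootdn does not end with the suffix")
    # Check added here, not in the manual: a rootpw value with no {SCHEME}
    # prefix (for example {SSHA}, as produced by slappasswd) is cleartext.
    for pw in conf.get("rootpw", []):
        if not re.match(r"\{(?!CLEARTEXT\})[A-Za-z0-9-]+\}", pw, re.I):
            findings.append("rootpw is stored in cleartext")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("FINDING:", finding)
```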