Posted to commits@directory.apache.org by el...@apache.org on 2014/10/21 01:06:39 UTC

[22/50] git commit: update README.txt procedures for using existing OpenLDAP server.

update README.txt procedures for using existing OpenLDAP server.


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/cb05c0bc
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/cb05c0bc
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/cb05c0bc

Branch: refs/heads/master
Commit: cb05c0bc18f0c4bad633d559efa79d97ac1fe6f1
Parents: 12392c9
Author: Shawn McKinney <sh...@jts.us>
Authored: Thu Jul 3 08:16:53 2014 -0500
Committer: Shawn McKinney <sh...@jts.us>
Committed: Thu Jul 3 08:16:53 2014 -0500

----------------------------------------------------------------------
 README.txt                                      | 84 ++++++++++++++------
 build.properties                                | 12 +--
 .../java/org/openldap/fortress/overview.html    |  2 +-
 3 files changed, 66 insertions(+), 32 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/cb05c0bc/README.txt
----------------------------------------------------------------------
diff --git a/README.txt b/README.txt
index 40a62d1..5d12a4a 100755
--- a/README.txt
+++ b/README.txt
@@ -15,7 +15,7 @@ ________________________________________________________________________________
 ###################################################################################
 README for Fortress Identity and Access Management SDK
 Version 1.0-RC37
-last updated: June 25, 2014
+last updated: July 3, 2014
 
 This document provides instructions to download, compile, test and use the
 Fortress IAM with OpenLDAP server.  If you don't already have OpenLDAP installed,
@@ -227,37 +227,71 @@ a. Install OpenLDAP using your existing package management system.
 
         + etc.
 
-- No need to configure or load the OpenLDAP server.  That is handled on step c below.
+b. Copy fortress schema to openldap schema folder:
 
+cp FORTRESS_HOME/ldap/schema/fortress.schema $OPENLDAP_HOME/etc/openldap/schema
 
-b. enable the correct installation particulars into FORTRESS_HOME/openldap-fortress-core/build.properties.
+c. Enable Fortress schema in slapd.conf:
 
-    These parameters will need to vary according to how your OpenLDAP system was installed. For Debian OpenLDAP builds,
-    use the following:
+include		FORTRESS_HOME/etc/openldap/schema/fortress.schema
 
-## If using Debian/Ubuntu OpenLDAP, uncomment this section:
-db.dir=/var/lib/ldap
-db.hist.dir=${db.dir}/hist
-db.bak.dir=/var/lib/ldap-backup/db
-db.bak.hist.dir=/var/lib/ldap-backup/hist
-slapd.dir=/etc/ldap
-pid.dir=/var/run/slapd
-slapd.module.dir=/usr/lib/ldap
-slapd.start=slapd -f /etc/ldap/slapd.conf
- unless you know what you're doing, take the default:
-log.dbnosynch=dbnosync
-dflt.dbnosynch=dbnosync
-log.checkpoint=checkpoint	4056 60
-dflt.checkpoint=checkpoint	1024 60
+note: for steps b & c above substitute FORTRESS_HOME for root of your OpenLDAP installation.
 
-c. Run the install target:
+d. For password policy support, enable pwpolicy overlay in slapd.conf:
 
-if Debian sudo:
->sudo $ANT_HOME/bin/ant init-slapd
+moduleload	ppolicy.la
 
-if not sudo you must run as user that has priv to modify folders in /var and /opt folders:
->su
->$ANT_HOME/bin/ant init-slapd
+e. For Fortress audit support, enable slapoaccesslog in slapd.conf
+
+moduleload  accesslog.la
+
+f. Gather the following information about your OpenLDAP instance:
+
+i. suffix
+ii. host
+iii. port
+iv. ldap user account that has read/write priv for default DIT (root works)
+v. pw for above
+vi. ldap user account that has read/write priv for access log DIT (log root works)
+vii. pw for above
+
+
+g. Example OpenLDAP instance:
+
+i. dc=example, dc=com
+ii. myhostname
+iii. 389
+iv. "cn=Manager,dc=example,dc=com"
+v. secret
+vi. "cn=Manager,cn=log"
+vii. secret
+
+h. Modify the build.properties file with settings
+
+i.
+suffix.name=example
+suffix.dc=com
+
+ii. ldap.host=myhostname
+
+iii. ldap.port=389
+
+iv. root.dn=cn=Manager,${suffix}
+
+v. root.pw=secret
+note: the above may be hased using slappasswd
+
+vi. log.root.dn=cn=Manager,${log.suffix}
+
+vii. secret
+
+i. Create the Fortress DIT:
+
+from the FORTRESS_HOME root folder, enter the following:
+
+>$ANT_HOME/bin/ant load-slapd
+
+j. Proceed to SECTION 8 to regression test Fortress and OpenLDAP
 
 ___________________________________________________________________________________
 ###################################################################################
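Review bot: Steps b and c use FORTRESS_HOME inconsistently, and the note after step c makes it worse. In step b, FORTRESS_HOME/ldap/schema is the source of the copy (the Fortress root), so substituting the OpenLDAP root there points cp at the wrong tree. Step c then includes FORTRESS_HOME/etc/openldap/schema/fortress.schema, although step b copied the file under $OPENLDAP_HOME. Suggest writing the include path as $OPENLDAP_HOME/etc/openldap/schema/fortress.schema and dropping the substitution note. In step h, item vii is a bare "secret" with no property key, unlike items i to vi, so the reader cannot tell which build.properties entry takes the log root password. Steps d and e show only a moduleload line; in slapd.conf that only loads the module, and the overlay still has to be declared on the database with an overlay directive, so "enable" is incomplete as written. The example binds as cn=Manager with root.pw=secret kept in build.properties and port 389; since item f.iv only asks for read/write on the DIT, the text could recommend a dedicated account rather than "root works". Typos: "hased" and "slapoaccesslog".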

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/cb05c0bc/build.properties
----------------------------------------------------------------------
diff --git a/build.properties b/build.properties
index 438286e..967e463 100644
--- a/build.properties
+++ b/build.properties
@@ -316,11 +316,11 @@ db.bak.audit.dir=${db.root}/backup/rbacaudit
 ########################################################################
 
 # Use Fortress defined LDAP Group objectclass:
-#group.objectclass=configGroup
-#group.protocol=configProtocol
-#group.properties=configParameter
+group.objectclass=configGroup
+group.protocol=configProtocol
+group.properties=configParameter
 
 # Use Guacamole defined LDAP Group objectclass:
-group.objectclass=guacConfigGroup
-group.protocol=guacConfigProtocol
-group.properties=guacConfigParameter
\ No newline at end of file
+#group.objectclass=guacConfigGroup
+#group.protocol=guacConfigProtocol
+#group.properties=guacConfigParameter
\ No newline at end of file
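Review bot: The active group.objectclass, group.protocol and group.properties values flip from the guacConfig* set to the config* set, which changes the default for anyone building from this file, yet the commit message only mentions README.txt procedures. Suggest moving this to its own commit, or stating it in the message and in the README step that edits build.properties. The file also still ends without a newline ("\ No newline at end of file" on both sides); add one while these lines are being touched.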

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/cb05c0bc/src/main/java/org/openldap/fortress/overview.html
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/fortress/overview.html b/src/main/java/org/openldap/fortress/overview.html
index 4536cad..703963e 100755
--- a/src/main/java/org/openldap/fortress/overview.html
+++ b/src/main/java/org/openldap/fortress/overview.html
@@ -39,7 +39,7 @@
       <h2>What technologies are used?</h2>
       <p>
          Fortress SDK runs on any platform that supports Java technology and LDAP v3 protocols.  Functionality that extends beyond
-          LDAP v3 is provided via <a href="http://openldap.org/">OpenLDAP</a> specific features.  In other words Fortress was optimized to run on OpenLDAP but will work on any directory.
+          LDAP v3 is provided via <a href="http://openldap.org/">OpenLDAP</a> specific features.  In other words Fortress was optimized to run on OpenLDAP but works on any directory.
       </p>
        <hr>
       <h2>What are the conditions of use?</h2>
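Review bot: "works on any directory" on the changed line reads as an unconditional guarantee, but the sentence before it says functionality beyond LDAP v3 is provided via OpenLDAP specific features. Suggest qualifying the claim, for example by saying the LDAP v3 functionality works on any directory while the extended functionality needs OpenLDAP. A comma after "In other words" would also help.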