Tag Archive | tds

Sample ldif file — 2

Sample User addition ldif file for Tivoli Directory Server

Suffix : dc=myorg,dc=com

Create a file createuser.ldif

[root@connections V6.3]# vi /opt/ibm/ldap/V6.3/createuser.ldif

Copy the below lines to the createuser.ldif

dn: dc=myorg,dc=com
objectclass: domain
objectclass: top
dc: myorg

dn: cn=admusers,dc=myorg,dc=com
objectclass: container
objectclass: top
cn: admusers

dn: cn=employee,dc=myorg,dc=com
objectclass: container
objectclass: top
cn: employee

dn: cn=groups,dc=myorg,dc=com
objectclass: top
objectclass: container
cn: groups

dn: uid=wasadmin,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: wasadmin
userpassword: wasadmin
sn: wasadmin
givenName: wasadmin
cn: wasadmin

dn: uid=wasoperator,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: wasoperator
userpassword: wasoperator
sn: wasoperator
givenName: wasoperator
cn: wasoperator

dn: uid=cadmin,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: cadmin
userpassword: cadmin
sn: cadmin
givenName: cadmin
cn: cadmin

dn: uid=fnadmin,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: fnadmin
userpassword: fnadmin
sn: fnadmin
givenName: fnadmin
cn: fnadmin

dn: uid=ldapbind,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: ldapbind
userpassword: ldapbind
sn: ldapbind
givenName: ldapbind
cn: ldapbind

dn: uid=wasmonitor,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: wasmonitor
userpassword: wasmonitor
sn: wasmonitor
givenName: wasmonitor
cn: wasmonitor

dn: uid=wpsbind,cn=admusers,dc=myorg,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: wpsbind
userpassword: wpsbind
sn: wpsbind
givenName: wpsbind
cn: wpsbind

dn: uid=conadmin,cn=admusers,dc=myorg,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: conadmin
userpassword: conadmin
sn: conadmin
givenName: conadmin
cn: conadmin

dn: uid=wpsadmin,cn=admusers,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: wpsadmin
userpassword: wpsadmin
sn: wpsadmin
givenName: wpsadmin
cn: wpsadmin

dn: uid=vivek,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: vivek
userpassword: vivek
sn: pujari
givenName: vivek pujari
cn: vivek

dn: uid=chirag,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: chirag
userpassword: chirag
sn: pujari
givenName: chirag pujari
cn: chirag

dn: uid=ravi,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: ravi
userpassword: ravi
sn: pujari
givenName: ravi pujari
cn: ravi

dn: uid=pratik,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: pratik
userpassword: pratik
sn: pujari
givenName: pratik pujari
cn: pratik

dn: uid=santosh,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: santosh
userpassword: santosh
sn: nair
givenName: santosh nair
cn: santosh

dn: uid=vijaya,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: vijaya
userpassword: vijaya
sn: nair
givenName: vijaya nair
cn: vijaya

dn: uid=mihika,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: mihika
userpassword: mihika
sn: temkar
givenName: mihika temkar
cn: mihika

dn: uid=Akshita,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Akshita
userpassword: Akshita
sn: temkar
givenName: Akshita temkar
cn: Akshita

dn: uid=Abha,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Abha
userpassword: Abha
sn: temkar
givenName: Abha temkar
cn: Abha

dn: uid=Arushi,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Arushi
userpassword: Arushi
sn: temkar
givenName: Arushi temkar
cn: Arushi

dn: uid=Adrika,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Adrika
userpassword: Adrika
sn: temkar
givenName: Adrika temkar
cn: Adrika

dn: uid=Abhijit,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Abhijit
userpassword: Abhijit
sn: temkar
givenName: Abhijit temkar
cn: Abhijit

dn: uid=Abhiram,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Abhiram
userpassword: Abhiram
sn: temkar
givenName: Abhiram temkar
cn: Abhiram

dn: uid=Abhisar,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Abhisar
userpassword: Abhisar
sn: modi
givenName: Abhisar modi
cn: Abhisar

dn: uid=Abhi,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Abhi
userpassword: Abhi
sn: modi
givenName: Abhi modi
cn: Abhi

dn: uid=Aagney,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Aagney
userpassword: Aagney
sn: modi
givenName: Aagney modi
cn: Aagney

dn: uid=Aadit,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Aadit
userpassword: Aadit
sn: modi
givenName: Aadit modi
cn: Aadit

dn: uid=Achal,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Achal
userpassword: Achal
sn: modi
givenName: Achal modi
cn: Achal

dn: uid=Achalraj,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Achalraj
userpassword: Achalraj
sn: modi
givenName: Achalraj modi
cn: Achalraj

dn: uid=Aadesh,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Aadesh
userpassword: Aadesh
sn: modi
givenName: Aadesh modi
cn: Aadesh

dn: uid=Durvish,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Durvish
userpassword: Durvish
sn: modi
givenName: Durvish modi
cn: Durvish

dn: uid=Dvimidha,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Dvimidha
userpassword: Dvimidha
sn: modi
givenName: Dvimidha modi
cn: Dvimidha

dn: uid=Dyaus,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Dyaus
userpassword: Dyaus
sn: modi
givenName: Dyaus modi
cn: Dyaus

dn: uid=Eashan,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Eashan
userpassword: Eashan
sn: modi
givenName: Eashan modi
cn: Eashan

dn: uid=Ekachakra,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Ekachakra
userpassword: Ekachakra
sn: kumar
givenName: Ekachakra kumar
cn: Ekachakra

dn: uid=Ekalinga,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Ekalinga
userpassword: Ekalinga
sn: kumar
givenName: Ekalinga kumar
cn: Ekalinga

dn: uid=Ekanga,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Ekanga
userpassword: Ekanga
sn: kumar
givenName: Ekanga kumar
cn: Ekanga

dn: uid=Eklavya,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Eklavya
userpassword: Eklavya
sn: kumar
givenName: Eklavya kumar
cn: Eklavya

dn: uid=Eknath,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Eknath
userpassword: Eknath
sn: kumar
givenName: Eknath kumar
cn: Eknath

dn: uid=Eshaan,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Eshaan
userpassword: Eshaan
sn: kumar
givenName: Eshaan kumar
cn: Eshaan

dn: uid=Eshwar,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Eshwar
userpassword: Eshwar
sn: kumar
givenName: Eshwar kumar
cn: Eshwar

dn: uid=Falak,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Falak
userpassword: Falak
sn: kumar
givenName: Falak kumar
cn: Falak

dn: uid=Fateh,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Fateh
userpassword: Fateh
sn: kumar
givenName: Fateh kumar
cn: Fateh

dn: uid=Gagan,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gagan
userpassword: Gagan
sn: shetty
givenName: Gagan shetty
cn: Gagan

dn: uid=Gagandeep,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gagandeep
userpassword: Gagandeep
sn: shetty
givenName: Gagandeep shetty
cn: Gagandeep

dn: uid=Gajanan,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gajanan
userpassword: Gajanan
sn: shetty
givenName: Gajanan shetty
cn: Gajanan

dn: uid=Gajendra,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gajendra
userpassword: Gajendra
sn: shetty
givenName: Gajendra shetty
cn: Gajendra

dn: uid=Gajendranath,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gajendranath
userpassword: Gajendranath
sn: kapoor
givenName: Gajendranath kapoor
cn: Gajendranath

dn: uid=Gaman,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Gaman
userpassword: Gaman
sn: kapoor
givenName: Gaman kapoor
cn: Gaman

dn: uid=Hanshal,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Hanshal
userpassword: Hanshal
sn: kapoor
givenName: Hanshal kapoor
cn: Hanshal

dn: uid=Haresh,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Haresh
userpassword: Haresh
sn: kapoor
givenName: Haresh kapoor
cn: Haresh

dn: uid=Hari,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Hari
userpassword: Hari
sn: kapoor
givenName: Hari kapoor
cn: Hari

dn: uid=Harihar,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harihar
userpassword: Harihar
sn: patel
givenName: Harihar patel
cn: Harihar

dn: uid=Harina,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harina
userpassword: Harina
sn: patel
givenName: Harina patel
cn: Harina

dn: uid=Haridutt,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Haridutt
userpassword: Haridutt
sn: patel
givenName: Haridutt patel
cn: Haridutt

dn: uid=Harilal,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harilal
userpassword: Harilal
sn: patel
givenName: Harilal patel
cn: Harilal

dn: uid=Harith,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harith
userpassword: Harith
sn: patel
givenName: Harith patel
cn: Harith

dn: uid=Harman,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harman
userpassword: Harman
sn: patel
givenName: Harman patel
cn: Harman

dn: uid=Harmendra,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harmendra
userpassword: Harmendra
sn: patel
givenName: Harmendra patel
cn: Harmendra

dn: uid=Harsh,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harsh
userpassword: Harsh
sn: patel
givenName: Harsh patel
cn: Harsh

dn: uid=Harshad,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harshad
userpassword: Harshad
sn: patel
givenName: Harshad patel
cn: Harshad

dn: uid=Harshal,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harshal
userpassword: Harshal
sn: patel
givenName: Harshal patel
cn: Harshal

dn: uid=Harshul,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harshul
userpassword: Harshul
sn: patel
givenName: Harshul patel
cn: Harshul

dn: uid=Harsith,cn=employee,dc=myorg,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: Harsith
userpassword: Harsith
sn: patel
givenName: Harsith patel
cn: Harsith

==============================
==============================
Add Members to the Groups

Suffix : dc=myorg,dc=com

Create a file addmembers.ldif

[root@connections V6.3]# vi /opt/ibm/ldap/V6.3/addmembers.ldif

Copy the below lines to the addmembers.ldif

dn: cn=hr,cn=groups,dc=myorg,dc=com
objectclass: accessGroup
objectclass: ibm-searchLimits
cn: hr
ibm-searchsizelimit: 200000
ibm-searchtimelimit: 0
member: uid=Adrika,cn=employee,dc=myorg,dc=com
member: uid=Abhijit,cn=employee,dc=myorg,dc=com
member: uid=Abhiram,cn=employee,dc=myorg,dc=com
member: uid=Abhisar,cn=employee,dc=myorg,dc=com
member: uid=Abhi,cn=employee,dc=myorg,dc=com
member: uid=Aagney,cn=employee,dc=myorg,dc=com
member: uid=Aadit,cn=employee,dc=myorg,dc=com
member: uid=Achal,cn=employee,dc=myorg,dc=com
member: uid=Achalraj,cn=employee,dc=myorg,dc=com
member: uid=Aadesh,cn=employee,dc=myorg,dc=com
member: uid=Durvish,cn=employee,dc=myorg,dc=com

dn: cn=accounts,cn=groups,dc=myorg,dc=com
objectclass: groupOfUniqueNames
cn: accounts
uniquemember: uid=Dvimidha,cn=employee,dc=myorg,dc=com
uniquemember: uid=Dyaus,cn=employee,dc=myorg,dc=com
uniquemember: uid=Eashan,cn=employee,dc=myorg,dc=com
uniquemember: uid=Ekachakra,cn=employee,dc=myorg,dc=com
uniquemember: uid=Ekalinga,cn=employee,dc=myorg,dc=com
uniquemember: uid=Ekanga,cn=employee,dc=myorg,dc=com
uniquemember: uid=Eklavya,cn=employee,dc=myorg,dc=com
uniquemember: uid=Eknath,cn=employee,dc=myorg,dc=com
uniquemember: uid=Eshaan,cn=employee,dc=myorg,dc=com
uniquemember: uid=Eshwar,cn=employee,dc=myorg,dc=com
uniquemember: uid=Falak,cn=employee,dc=myorg,dc=com
uniquemember: uid=Fateh,cn=employee,dc=myorg,dc=com

dn: cn=admins,cn=groups,dc=myorg,dc=com
objectclass: groupOfUniqueNames
cn: admins
uniquemember: uid=wasadmin,cn=admusers,dc=myorg,dc=com
uniquemember: uid=wasoperator,cn=admusers,dc=myorg,dc=com
uniquemember: uid=cadmin,cn=admusers,dc=myorg,dc=com
uniquemember: uid=fnadmin,cn=admusers,dc=myorg,dc=com
uniquemember: uid=ldapbind,cn=admusers,dc=myorg,dc=com
uniquemember: uid=wasmonitor,cn=admusers,dc=myorg,dc=com
uniquemember: uid=wpsbind,cn=admusers,dc=myorg,dc=com
uniquemember: uid=conadmin,cn=admusers,dc=myorg,dc=com
uniquemember: uid=wpsadmin,cn=admusers,dc=myorg,dc=com
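
An audit that can be run over LDIF like the files above before loading it, as an added example that is not part of the original post: it reports passwords equal to a name attribute or to a common default, duplicate DNs, RDN values missing from the entry, and group members with no entry. The helper names (parse_ldif, norm_dn, audit), the WEAK list and the sample data are assumptions made for this example.

```python
import base64

WEAK = {"password", "secret", "changeit"}   # illustrative list, extend as needed

def parse_ldif(text):
    """Parse LDIF records into [(dn, {attr: [values]})]; attr names lowercased."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:       # folded continuation line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, dn, attrs = [], None, {}
    for line in lines + [""]:                   # trailing "" flushes the last record
        if line.startswith("#"):
            continue
        if not line.strip():                    # blank line ends a record
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, {}
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):               # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            dn = value
        elif dn is not None:
            attrs.setdefault(name, []).append(value)
    return entries

def norm_dn(dn):
    """Lowercased, whitespace-tolerant DN key (escaped commas not handled)."""
    parts = []
    for rdn in dn.split(","):
        attr, _, val = rdn.partition("=")
        parts.append(attr.strip().lower() + "=" + val.strip().lower())
    return ",".join(parts)

def audit(text):
    """Return [(dn, issue)] for LDIF text (several files may be concatenated)."""
    entries, findings, seen = parse_ldif(text), [], set()
    for dn, attrs in entries:
        key = norm_dn(dn)
        if key in seen:
            findings.append((dn, "duplicate DN"))
        seen.add(key)
        rdn_attr, _, rdn_val = key.split(",")[0].partition("=")
        if rdn_val not in [v.lower() for v in attrs.get(rdn_attr, [])]:
            findings.append((dn, "RDN value missing from entry"))
        names = {v.lower() for a in ("uid", "cn", "sn", "givenname") for v in attrs.get(a, [])}
        for pw in attrs.get("userpassword", []):
            if pw.startswith("{"):              # already hashed, e.g. {SSHA}...
                continue
            if pw.lower() in names:
                findings.append((dn, "password equals a name attribute"))
            elif pw.lower() in WEAK:
                findings.append((dn, "password is a common default"))
    for dn, attrs in entries:                   # second pass: every DN is known now
        for attr in ("member", "uniquemember"):
            for m in attrs.get(attr, []):
                if norm_dn(m) not in seen:
                    findings.append((dn, "member has no entry: " + m))
    return findings

SAMPLE = """\
# Constructed sample modelled on the entries above; not the page's full file.
dn: uid=vivek,cn=employee,dc=myorg,dc=com
objectclass: inetOrgPerson
uid: vivek
userpassword: vivek
sn: pujari
cn: vivek

dn: uid=ravi,cn=employee,dc=myorg,dc=com
objectclass: inetOrgPerson
uid: ravi
userpassword: {SSHA}placeholder-not-a-real-hash
sn: pujari
cn: ravi

dn: uid=vivek,cn=employee,dc=myorg,dc=com
objectclass: inetOrgPerson
uid: vivek
userpassword: password
sn: pujari
cn: vivek

dn: cn=accounts,cn=groups,dc=myorg,dc=com
objectclass: groupOfUniqueNames
cn: account
uniquemember: uid=ravi, cn=employee, dc=myorg, dc=com
uniquemember: uid=chirag,cn=employee,dc=myorg,dc=com
"""

if __name__ == "__main__":
    print("\n".join("%s -> %s" % (issue, dn) for dn, issue in audit(SAMPLE)))
```

Pass the contents of createuser.ldif and addmembers.ldif concatenated (with a blank line between them), so that group members defined in the first file resolve.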

Sample ldif file — 1

Sample User addition ldif file for Tivoli Directory Server

Suffix : dc=ibm,dc=com

Create a file createuser.ldif

[root@connections V6.3]# vi /opt/ibm/ldap/V6.3/createuser.ldif

Copy the below lines to the createuser.ldif

dn: dc=ibm,dc=com
objectclass: domain
objectclass: top
dc: ibm

dn: cn=users,dc=ibm,dc=com
objectclass: container
objectclass: top
cn: users

dn: cn=groups,dc=ibm,dc=com
objectclass: top
objectclass: container
cn: groups

dn: uid=wpsadmin,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: wpsadmin
userpassword: wpsadmin
sn: admin
givenName: wps
cn: wps admin

dn: uid=santosh,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: santosh
userpassword: santosh
sn: santosh
givenName: wps
cn: wps santosh

dn: uid=vijaya,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: vijaya
userpassword: vijaya
sn: vijaya
givenName: wps
cn: wps vijaya

dn: uid=mihika,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: mihika
userpassword: mihika
sn: mihika
givenName: wps
cn: wps mihika

dn: uid=siva,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: siva
userpassword: siva
sn: siva
givenName: wps
cn: wps siva

dn: uid=ganesh,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: ganesh
userpassword: ganesh
sn: ganesh
givenName: wps
cn: wps ganesh

dn: uid=cognosadm,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: cognosadm
userpassword: cognosadm
sn: cognosadm
givenName: wps
cn: wps cognosadm

dn: uid=webadmin,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: webadmin
userpassword: webadmin
sn: webadmin
givenName: wps
cn: wps webadmin

dn: uid=shiva,cn=users,dc=ibm,dc=com
objectclass: organizationalPerson
objectclass: person
objectclass: top
objectclass: inetOrgPerson
uid: shiva
userpassword: shiva
sn: shiva
givenName: wps
cn: wps shiva

dn: uid=wpsbind,cn=users,dc=ibm,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: wpsbind
userpassword: wpsbind
sn: bind
givenName: wps
cn: wps bind

dn: cn=wpsadmins,cn=groups,dc=ibm,dc=com
objectclass: groupOfUniqueNames
objectclass: top
uniquemember: uid=wpsadmin,cn=users,dc=ibm,dc=com
cn: wpsadmins

Integrate TDS LDAP with WebSphere Application Server

Security is a critical aspect of any distributed application model. Most firms keep a centralized repository of users in an LDAP server such as Active Directory, TDS, OpenDJ etc.

Activity :
To integrate Tivoli Directory Server LDAP with WebSphere Application Server as a federated repository

Assumptions :
a) Tivoli Directory Server is already installed and users are available in it ( Note : any LDAP, i.e. Active Directory, TDS, OpenDJ, Sun Directory Server etc., can be used )

b) WebSphere Application Server is installed, and the profiles and servers are created and running.
c) The TDS LDAP server should be reachable from the Dmgr and the nodes. You can test this with the telnet command:
from the Dmgr and each node, telnet to the LDAP server on port 389 ( or whichever port it is running on )

Eg : telnet <Ldap IP> 389

d) In this example I have a Dmgr, a Nodeagent and a server, and will be integrating the Dmgr with TDS LDAP

 

Steps to Integrate LDAP with WAS

Step 1: Details from the LDAP team
Before beginning the LDAP integration, a few pieces of information are needed from the LDAP team ( if the directory is not managed by you )

Basic details needed :

Hostname/IP address of TDS Server : 10.0.0.15
Port No : 389 ( non SSL )
Bind DN : cn=root
Bind Password : password
Base DN : dc=ibm,dc=com

Additional properties may be needed depending on your environment, such as
User filter:
Group filter:
User ID map:
Group ID map: etc.

In my case they are not needed, as most are left at their defaults.

NOTE : Ensure that the WAS admin user we log in to the WAS console with, i.e. wasadmin, is unique across the file-based registry and LDAP; i.e. the user wasadmin should not exist in LDAP, as it is already present in the file-based registry.

If “wasadmin” also exists in LDAP, there will be a conflict and we will be prevented from logging in to the admin console as “wasadmin” after the integration with TDS.

As a best practice, keep wasadmin intact, create another user in LDAP, and later add this user to the admin group from the WAS console.

For example, I have created “webadmin” as a user in LDAP, which I will add to the WAS administration group after the WAS integration with LDAP in this article.

This applies to all users in WAS and LDAP: each should be unique across the repositories.

 

Step 2: Validating using an LDAP browser

a) Download the LDAP Browser and extract it. Then launch “lbe.jar”

b) Go to File >> New

c) Give the connection a name for recognition. I have entered TDSLDAP

d) Go to the “Connections” tab
             1) Enter the IP address (10.0.0.15) and port no (389) and click Fetch DN.
             2) Select dc=ibm,dc=com
             3) Uncheck “Anonymous bind”
             4) Enter username “cn=root” and password = password
             5) Click Save and then Connect

e) We will see all the users that are in the LDAP in the LDAP Browser console

Step 3: Once all the information is available and validated, we can proceed with the integration of LDAP with WAS


Step 4:
Log in to the WAS admin console as the wasadmin user

url : https://10.0.0.15:9043/ibm/console

To check the list of users, navigate to Users and Groups >> Manage Users
We see the list of users before the integration: only “wasadmin”, from the file-based realm

Step 5: To integrate LDAP, click “Global security”

Then click “Configure” on the Federated repositories


Step 6:
Click on “Manage repositories”


Step 7:
Click “Add” and select “LDAP repository” from the dropdown


Step 8:
On this page we need to enter the details of the LDAP ( shared by the LDAP team )
     a ) Enter the LDAP name ( can be any name that identifies it; I have named it TDSLDAP )
     b ) In the drop-down select “IBM Tivoli Directory Server”
     c ) Enter the Bind Distinguished Name : cn=root
     d ) Enter the Bind Password : password
     e ) Here the Federated repository property for login is “uid”; it might differ based on your environment, it could be “cn”, “email id” etc
     f ) Primary Host Name : connections.ibm.com ( you could provide the IP too )
     g ) Port No : 389
     h ) Click Apply and Save


Step 9:
Click on Global security > Federated repositories

Click on “Add repositories ( LDAP, custom, etc )”


Step 10:
From the drop-down select “TDSLDAP”

Enter the Base DN, in our case : dc=ibm,dc=com


Step 11:
Click Apply and Save


Step 12:
Check “Allow operations if some of the repositories are down”

This will enable us to log in as wasadmin to the admin console even if the LDAP is down.


Step 13:
Click Apply and Save

Step 14: Do a full synchronise


Step 15:
Stop the servers, Nodeagent and the Dmgr

Stop servers
/opt/IBM/WebSphere/AppServer/profiles/Custom01/bin/stopServer.sh server1

Stop Nodeagent
/opt/IBM/WebSphere/AppServer/profiles/Custom01/bin/stopNode.sh

Stop Dmgr
/opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/stopManager.sh

Step 16: Start the Dmgr, Nodeagent and servers
Start Dmgr :
/opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/startManager.sh

Start Nodeagent :
/opt/IBM/WebSphere/AppServer/profiles/Custom01/bin/startNode.sh

Start Server :
/opt/IBM/WebSphere/AppServer/profiles/Custom01/bin/startServer.sh server1

Check the SystemOut logs for any errors related to LDAP etc


Step 17:
Validation : Now log in with the file-based registry user, i.e. “wasadmin”

We can see the users from the LDAP and also the wasadmin user from the file-based repository

 

 

Testing

Test 1: We will add the user “santosh” from the LDAP with the monitor role in WAS and test it

     a ) Click Users and Groups >> Administrative user roles
Currently only “wasadmin” is available

     b ) Click Add

     c ) Select the “monitor” role
Search for the users using the Search button; we will be able to see the users from the LDAP
Select “santosh” and drag it to the other side
Select OK and save the configuration
The user “santosh” is added to the administrative roles with the “monitor” role
Apply and sync with the nodes

     d ) Now log out

     e ) Try to log in with user santosh and password: password ( as mentioned in the LDAP )
     f ) We are able to log in properly if all the settings are done correctly
     g ) Navigate to other options and you will not see many of the options that were visible in the wasadmin login,
for example under Nodes we don't see options like Full Synchronise, Add etc


Test 2 :
We will add webadmin, a user from the LDAP, to the admin group

     a ) Click Users and Groups >> Administrative user roles
Currently only “wasadmin” is there
     b ) Click Add

     c ) Select the “administrator” role
Search for the users using the Search button; we will be able to see the users there
Select “webadmin” and drag it to the other side

Click OK and save the changes
Apply and sync with the nodes

     d ) Now log out

     e ) Try to log in with user webadmin and password: password ( password from the LDAP )
     f ) We will see that all the options which were available for wasadmin are also available for “webadmin”.

This is how we integrate TDS LDAP with WebSphere Application Server. Similarly, we can integrate any LDAP, such as Active Directory, as a federated repository.

 

 


 

Step By Step Installation and Configuration of Tivoli Directory Server 6.3 on RHEL

Activity : High-level steps for installation and basic configuration of Tivoli Directory Server 6.3 on Linux RHEL

Environment : Redhat Linux 5.6 64 Bit
TDS Version : Tivoli Directory Server 6.3
Software File: tds63-linux-x86-64.iso

Step 1 : Log in to Passport Advantage and download the TDS software “tds63-linux-x86-64.iso”

Step 2 : Copy the software “tds63-linux-x86-64.iso” to the Linux server

Log in to the TDS server on the GUI console, or enable X11 forwarding, to use the GUI mode for the installation

Step 3 : Mount tds63-linux-x86-64.iso as a loop device on /mnt using the mount command

[root@connections IBMSoftware]# mount -o loop tds63-linux-x86-64.iso /mnt/

Step 4 : Navigate to the tds folder in /mnt

login as: root
[root@connections2 ~]# cd /mnt/
[root@connections2 mnt]# ls -ltr

Step 5 : Execute install_tds.bin

Step 6 : Select the English language

Step 7 : The InstallShield wizard opens. Click Next

Step 8 : Accept the license

Step 9 : Select the “Custom” option

Step 10 : We can select from the available options, such as

DB2 ( it is needed for the TDS; the user details, tree structure etc are all stored in the DB2 database )
Tivoli Global Security Kit
Embedded WebSphere Application Server ( for the web-based administration )
etc

Step 11 : It shows a summary of the paths where the various components will be installed.
Click Install

Step 12 : It will take some time. The progress bar displays the components that are being installed

Step 13 : Once the installation completes, the TDS Instance Administration tool opens
We need to create a new TDS instance

NOTE : You can also launch the TDS Instance Administration tool using the idsxinst command

[root@connections ~]# cd /opt/ibm/ldap/V6.3/sbin/
[root@connections sbin]# ./idsxinst

This tool creates the TDS instance. Note that the wizard also creates a DB instance

Step 14 : Check the “Create the Instance” option

Step 15 : We will create a default instance

Step 16 : Update the passwords for the instance ( please set a more complex password )
I have set the password as “password”
Encryption seed : qwertyqwerty
Administration DN password : password

Then click Next

Step 17 : The default instance created is “dsrdbm01”

Once done, click Finish

It will take some time, so be patient ( you can view the logs on the console too )

Step 18 : The Task Completed message is shown when it has finished

Click Close

Step 19 : We can see the dsrdbm01 instance created

But you need to have X11 forwarding enabled in PuTTY, or the GUI mode on Linux

Step 20 : Once the TDS Administration tool is launched

We observe that the TDS Instance Server is in the stopped state and the TDS Administration Server is in the started state

To start the TDS Instance Server click on “Start/Stop”

Step 21 : Click the “Start Server” button

Step 22 : To view the details of the ports, click the View button on the TDS Administration tool

Step 23 : To change the TDS Admin password :

In the TDS Administration tool >> click on Manage
It will launch the TDS Configuration Tool

NOTE : To launch the TDS configuration tool directly you can run /opt/ibm/ldap/V6.3/sbin/idsxcfg
[root@connections ~]# cd /opt/ibm/ldap/V6.3/sbin/
[root@connections sbin]# ./idsxcfg

Click on “Manage Administrator password”
Set the password

We need to restart the TDS Instance Server, which will be prompted

These are the steps to install Tivoli Directory Server and create an instance

Some Important Commands
Note : In our case “LDAP Install directory” is /opt/ibm/ldap/V6.3
a) Starting an instance : LDAP Install directory/sbin/idsslapd -I
b) Stopping an instance : LDAP Install directory/bin/ibmdirctl stop -h [IP of the Server] -D cn=root -w password
Or
c) Stopping an instance : LDAP Install directory/sbin/idsslapd -I -k
d) Checking an instance : LDAP Install directory/bin/ibmdirctl status -h localhost -D cn=root -w password
e) Displaying the list of instances : LDAP Install directory/sbin/idsilist
f) Loading the instance administration tool : LDAP Install directory/sbin/idsxinst
g) Loading the configuration tool for an instance : LDAP Install directory/sbin/idsxcfg -I

 

 

==================================
==================================

Launch WEB Admin Client

Note : Ensure that the Embedded WebSphere Application Server was selected during installation.

If you forgot to select it or chose not to install it, it can be done later too (a post for another time).

Step 1 : Launch the TDS Web App
a) Ensure that the embedded WebSphere server “server1” is installed and started
Navigate to /opt/ibm/ldap/V6.3/appsrv/profiles/TDSWebAdminProfile/bin/
To start the webapp : ./startServer.sh server1
To stop the webapp : ./stopServer.sh server1

b) Once server1 is started, launch the browser
http://10.0.0.10:12100/IDSWebApp/
These are the default credentials for the IDSWebApp
username : superadmin
password : secret

c) We need to add the new TDS instance in the WebApp for management
Click on “Manage Console Servers”

d) Click on “Add”

Update the hostname, IP address and port number of the TDS (we get these from the TDS Administration Tool)

e) Ensure that the TDS Instance Server is started (the steps to start it are mentioned above)

f) Click Logout

g) Access the URL http://10.0.0.10:12100/IDSWebApp/ again.
We will now see the node which we have added

h) Enter the login credentials, i.e. “cn=root” and the password “password” which we have set above

i) From this web console we can manage the TDS instance

==================================
==================================
Adding Suffixes to the TDS LDAP

a) Launch the TDS Configuration tool (ensure that you have X11 forwarding to enable the GUI mode)

[root@connections sbin]# cd /opt/ibm/ldap/V6.3/sbin/
[root@connections sbin]# ./idsxcfg

b) Click on Manage Suffixes


Enter dc=ibm,dc=com (you can provide your own suffixes, like dc=myorg,dc=com)
Click Add

c) We need to create an ldif file which contains the users and groups

Suffix : dc=ibm,dc=com
Create a file createUser.ldif
[root@connections V6.3]# vi /opt/ibm/ldap/V6.3/createuser.ldif

You can refer to the samples from the links below

Sample ldif file — 1 for suffix dc=ibm,dc=com
or
Sample ldif file — 2 for suffix dc=myorg,dc=com

d) We need to import the ldif file

Click on “Import LDIF Data”
Browse to the createUser.ldif file
Click Import
If there are any errors in the ldif file, it will only load the entries which are proper. The duplicate ones and the ones with errors will not be loaded.

The import requires the TDS Instance to be stopped.

e) Once the import is completed, start the TDS Instance server
Navigate to Manage server state >> Start Server

f) Validate the imported users in the TDS using the TDS WebApp console
Log in to the TDS WebApp console to validate the import of the users:

http://10.0.0.10:12100/IDSWebApp

Click on “Manage entries”

We will see all the users which were loaded from the ldif file.

g) Validating using LDAP browsers
You can use any other directory browser available

1) Extract the Ldap Browser Utility and launch lbe.jar

2) Click on File >> New

3) Enter a session name : I have entered TDSLDAP

4) Go to the Connections tab
   1) Enter the IP Address and Port No, and click Get suffix.
   2) Select dc=ibm,dc=com
   3) Uncheck Anonymous login
   4) Enter username cn=root and password = password
   5) Click Save

5)  We will see all the users which are populated in the console
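
A pre-import check for step d), added here as an example and not part of the original post: because the import loads only the proper entries and skips duplicates and errors, this Python script lints an LDIF file before import and also flags accounts whose userpassword equals the account name, as in the sample ldif files. The function names, the constructed sample data and the simplified DN comparison are assumptions.

```python
import base64

# Constructed sample in the style of the page's createUser.ldif (not the real file).
SAMPLE_LDIF = """\
dn: uid=wasadmin,cn=admusers,dc=ibm,dc=com
objectclass: inetOrgPerson
uid: wasadmin
userpassword: wasadmin

dn: uid=WASADMIN, cn=admusers,dc=ibm,dc=com
objectclass: inetOrgPerson
uid: wasadmin
userpassword:: d2FzYWRtaW4=

dn: uid=ldapbind,cn=admusers,dc=ibm,dc=com
uid: ldapbind
userpassword: S0me-l0nger-Passphrase
"""

def parse_ldif(text):
    """Yield (dn, attrs) per record; handles folded lines and base64 ('::') values."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if not line or line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # 'attr:: <base64>' form
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            yield attrs["dn"][0], attrs

def lint_ldif(text):
    """Return a list of (dn, problem) findings for review before import."""
    findings, seen = [], set()
    for dn, attrs in parse_ldif(text):
        # Assumption: compare DNs ignoring case and spaces (no escaped commas).
        key = ",".join(part.strip().lower() for part in dn.split(","))
        if key in seen:
            findings.append((dn, "duplicate dn"))
        seen.add(key)
        if "objectclass" not in attrs:
            findings.append((dn, "missing objectclass"))
        names = {v.lower() for a in ("uid", "cn", "sn") for v in attrs.get(a, [])}
        for pw in attrs.get("userpassword", []):
            if pw.lower() in names:
                findings.append((dn, "password equals account name"))
    return findings
```

Calling `lint_ldif(open(path).read())` on the real file before using “Import LDIF Data” gives a list of entries to fix, instead of discovering afterwards which ones were not loaded.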

These are the high-level steps to quickly get a running Tivoli Directory Server LDAP 6.3.

You can customize and change the configs as per your requirement.
