389 Directory Server is an open source LDAP server by Fedora and a valid alternative to other implementations such as Apache DS, OpenLDAP or OpenDJ. Let's see how to install it and use it with Apache Syncope.
1. To install 389 Directory Server on Ubuntu, run:
$ sudo apt-get install 389-*
2. Before going into setup, we need to add a new user that will be associated with the new LDAP service and change the ownership of two folders to that user:
$ sudo useradd fds
$ sudo chown fds:fds -R /var/lock/dirsrv/ /var/lib/dirsrv
3. Run the 389 DS setup:
$ sudo setup-ds-admin
When prompted, provide fds as the user, 1389 as the LDAP port, and dc=tirasa,dc=net as the base context.
4. Once installation and startup have completed correctly, we can create the root object on LDAP:
[root@fedora ~]# ldapmodify -a -D "cn=Directory Manager" -p 1389 -h localhost -w password
dn: dc=tirasa,dc=net
objectclass:top
objectclass: domain
dc: tirasa
adding new entry "dc=tirasa,dc=net"
This post should be enough to configure and use 389 Directory Server with Apache Syncope. However, you might want to enable the changelog in order to make actual synchronization possible.
In order to enable the changelog in 389 DS you need to create an LDIF file with the following content:
dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: on
Then import it (the file is named retro.ldif here) via:
$ ldapmodify -h server.example.com -p 1389 -D "cn=Directory Manager" -w password -f retro.ldif
and restart DS:
$ sudo service dirsrv restart
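After the restart, the plugin entry can be read back to confirm that the change took effect. The script below is an added example, not part of the original post: the function name retro_changelog_state and the sample LDIF are constructed for illustration, and the DN is compared as a plain case-insensitive string.

```shell
#!/bin/sh
# Added example: decide from ldapsearch LDIF output whether the
# Retro Changelog Plugin is enabled. Function name is hypothetical.
PLUGIN_DN="cn=Retro Changelog Plugin,cn=plugins,cn=config"

# Reads LDIF on stdin. Exit status: 0 = nsslapd-pluginEnabled is "on",
# 1 = plugin entry present but not on, 2 = plugin entry not in the input.
retro_changelog_state() {
    awk -v want="$PLUGIN_DN" '
        function norm(s) {              # trim, then lowercase
            sub(/^[ \t]+/, "", s); sub(/[ \t\r]+$/, "", s)
            return tolower(s)
        }
        function emit(   i, attr, val) {  # handle one unfolded "attr: value"
            if (line == "") return
            i = index(line, ":")
            if (i > 0) {
                attr = tolower(substr(line, 1, i - 1))
                val = norm(substr(line, i + 1))
                if (attr == "dn") in_entry = (val == tolower(want))
                if (in_entry) found = 1
                if (in_entry && attr == "nsslapd-pluginenabled") state = val
            }
            line = ""
        }
        /^#/         { next }                             # LDIF comment
        /^ /         { line = line substr($0, 2); next }  # folded line
        /^[ \t\r]*$/ { emit(); in_entry = 0; next }       # end of entry
                     { emit(); line = $0 }
        END {
            emit()
            if (!found) exit 2
            exit (state == "on" ? 0 : 1)
        }
    '
}

# Constructed sample of the entry after retro.ldif has been applied.
SAMPLE='dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
nsslapd-pluginEnabled: on'
printf '%s\n' "$SAMPLE" | retro_changelog_state && echo "retro changelog: enabled"

# Against the live server, with the connection options used in the post:
#   ldapsearch -h localhost -p 1389 -D "cn=Directory Manager" -w password \
#     -s base -b "$PLUGIN_DN" nsslapd-pluginEnabled | retro_changelog_state
```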
At this point you should get an LDAP tree similar to the image below: