Context Navigation

← Previous Change
Wiki History
Next Change →

Changes between Initial Version and Version 1 of guiiam2018

Timestamp:: Sep 15, 2018, 7:58:45 PM (6 years ago)
Author:: admin
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

guiiam2018

               v1
+= LDAP UI Installation =
+Native LDAP store doesn't come with a GUI. Therefore, as administrators we may have to provide a nice user interface to our users. This UI should have the capability of changing details of users password resets, etc. To do these actions there are lot of open source packages as well as commercialized products.
+On this tutorial we will go through two UI setups that will focus on different outputs.
+/ Apache Directory Studio (For Admins)
+Download and install
+The latest version of Apache Directory Studio can be downloaded from the Apache Directory Studio Downloads page, at this address : http://directory.apache.org/studio/downloads.html .
+Installation steps https://directory.apache.org/studio/users-guide/apache_directory_studio/download_install.html
+Once the installation succeeds open the Apache Directory Studio.
+Creating the ldap connection:
+Go to File --> new --> ldap browser --> ldap connection --> next
+Enter your deatils:
+Connection Name: LDAP Server
+Hostname: ldap://idp.instXY.ac.lk
+port: 389
+Encrypted Method: Use STARTTLS
+Provider: Apache Directory LDAP Client API
+Next
+Authentication Method: Simple Authentication
+Bind Dn: cn=admin,dc=thilinapathirana,dc=xyz
+Bind Password:
+Click Check Authentication to make sure your credentials work. For the first time it ask to trust the self signed certificate.
+Select Always trust this Certificate and click OK
+Then click Finish.
+To connect, double click the connection just created from Connections list.
+Once connected you can browse through the directory using the LDAP Browser.
+When modifying entries you may use a ldif file or the GUI.
+Using GUI to create an OU:
+Select root location for the OU (eg. dc=instXY,dc=ac,dc=lk)
+Select New Entry on Right click Menu
+Then Create entry from Scratch --> Next
+Select OrganizationalUnit and click Add and Next
+Type OU as the RDN and the desired value in-front of it then Next and Finish
+Adding a User Group
+Select root location for the OU (eg. ou=Group,dc=instXY,dc=ac,dc=lk)
+Select New Entry on Right click Menu
+Then Create entry from Scratch --> Next
+Select groupofNames and click Add and Next
+Type CN as the RDN and the desired value in-front of it then Next
+You will prompt with a user add window as DN Editor. Select a user from browser and click OK
+Adding a new User
+Select root location for the OU (eg. ou=People,dc=instXY,dc=ac,dc=lk)
+Select New Entry on Right click Menu
+Then Create entry from Scratch --> Next
+Select inetOrgPerson and click Add
+Select eduPerson and click Add and Next
+Type uid as the RDN and the desired usernsme value in-front of it then Next
+Enter desired values for cn (First Name) and sn (last Name)
+Enter new attribute from right lick menu of as userPassword and click finish. when it asks, enter the new users password and select Plaintext as the hash method and click OK
+You may add any new attribute as well.
+Then click finish
+More documentation can be found on https://directory.apache.org/studio/users-guide/
+/ Keycloak Server (For End Users)
+Keycloak is an open source identity and access management solution, we will use keycloak to provide a friendly self care portal to users allowing services such as password resets.
+wget https://downloads.jboss.org/keycloak/4.4.0.Final/keycloak-4.4.0.Final.tar.gz
+tar -xvzf keycloak-4.4.0.Final.tar.gz
+cd keycloak-4.3.0.Final/bin/
+./add-user-keycloak.sh -r master -u ###UserName### -p ###Password###
+vim standalone/configuration/standalone.xml
+./standalone.sh -b 0.0.0.0 &