浏览 3495 次
锁定老帖子 主题:如何在Windows下安装IBM所用的UD
精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
|
|
---|---|
作者 | 正文 |
发表时间:2009-01-24
最后修改:2009-01-28
为什么不可以直接在本地安装一个LDAP服务器呢?带这个疑问,我在这个项目组工作了一年多。终于有一天我成功地在我本地电脑上安装了一个和美国完全一样的LDAP测试服务器。从此,我再不需要连到美国去才能起动我的WAS或WPS了。感觉真好啊!
IBM的大多Web项目都是使用LDAP来做用户认证,而其中很多又是使用一种名叫UD(Unify Directory)的LDAP服务器。我初到IBM工作时,我所在项目开发所用的测试服务器都是用美国的,感觉很不方便,心里想,
以下便是我在本地安装这个UD的全过程,希望对大家有所帮助: 首先列一下安装UD所需的全部文件: 所需软件: 1. openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe 2. LDAP-Browser-2.8.2.zip 这两个软件都是属于开源软件,不涉及版权问题,可以自由使用。 配置文件: 1. [open_ladp_root]/slapd.conf 2. [open_ladp_root]/schema/ud.schema 3. [ldap_browser_root]/localhost.cfg LDAP测试用户数据:[ldap_browser_root]/ibm.ldif 以上文件均包含在本文的附件中。 请点击: 下载。 Pathes中包含所需的配置文件1和2。 而配置文件3和测试用户数据文件则已包含在了LDAP-Browser-2.8.2.zip中。 下面让我们来开始安装: 第一步:运行openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe,按照默认选项完成openldap服务器的安装。 第二步:编辑slapd.conf: # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # ucdata-path ./ucdata include ./schema/core.schema include ./schema/cosine.schema include ./schema/misc.schema include ./schema/inetorgperson.schema include ./schema/ud.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap:/root.openldap.org pidfile ./run/slapd.pid argsfile ./run/slapd.args # Load dynamic backend modules: # modulepath ./libexec/openldap # moduleload back_bdb.la # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la # moduleload back_shell.la # Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple bind # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DSEs: # Allow self write access # Allow authenticated users read access # Allow anonymous users to authenticate # Directives needed to implement policy: # access to dn.base="" by * read # access to dn.base="cn=Subschema" by * read # access to * # by self write # by users read # by anonymous auth # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # BDB database definitions ####################################################################### database bdb suffix "o=ibm.com" rootdn "cn=Manager,o=ibm.com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory ./data # Indices to maintain index objectClass eq 第三步:创建ud.schema # Unify Directory schema # $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.68.2.6 2005/01/20 17:01:18 kurt Exp $ ## This work is part of OpenLDAP Software <http://www.openldap.org/>. ## ## Copyright 1998-2005 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## <http://www.OpenLDAP.org/license.html>. # ## Portions Copyright (C) The Internet Society (1997-2003). ## All Rights Reserved. ## ## This document and translations of it may be copied and furnished to ## others, and derivative works that comment on or otherwise explain it ## or assist in its implementation may be prepared, copied, published ## and distributed, in whole or in part, without restriction of any ## kind, provided that the above copyright notice and this paragraph are ## included on all such copies and derivative works. However, this ## document itself may not be modified in any way, such as by removing ## the copyright notice or references to the Internet Society or other ## Internet organizations, except as needed for the purpose of ## developing Internet standards in which case the procedures for ## copyrights defined in the Internet Standards process must be ## followed, or as required to translate it into languages other than ## English. ## ## The limited permissions granted above are perpetual and will not be ## revoked by the Internet Society or its successors or assigns. ## ## This document and the information contained herein is provided on an ## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING ## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION ## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF ## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. # # # Includes LDAPv3 schema items from: # RFC 2252/2256 (LDAPv3) # # Select standard track schema items: # RFC 1274 (uid/dc) # RFC 2079 (URI) # RFC 2247 (dc/dcObject) # RFC 2587 (PKI) # RFC 2589 (Dynamic Directory Services) # # Select informational schema items: # RFC 2377 (uidObject) # # Standard attribute types from RFC 2256 # # system schema #attributetype ( 2.5.4.0 NAME 'objectClass' # DESC 'RFC2256: object classes of the entity' # EQUALITY objectIdentifierMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) # system schema #attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) # DESC 'RFC2256: name of aliased object' # EQUALITY distinguishedNameMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.20081.9.1.1 NAME ( 'ibm-replicagroup' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.2 NAME ( 'ibm-allGroups' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.3 NAME ( 'authenid' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.4 NAME ( 'sourcedirectoryuid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.5 NAME ( 'sourcedirectorydn' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.6 NAME ( 'passwordIsStruckOut' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.7 NAME ( 'sourcedirectory' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.8 NAME ( 'passwordIsExpired' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.1.9 NAME ( 'passwordmodifytimestamp' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.1 NAME ( 'mode' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.2 NAME ( 'viewaccess' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.3 NAME ( 'expirationdate' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.4 NAME ( 'admin' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.5 NAME ( 'aclPropagate' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.6 NAME ( 'aclSource' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.7 NAME ( 'aclEntry' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.8 NAME ( 'entryOwner' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.3.9 NAME ( 'ibm-allMembers' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.1 NAME ( 'ibm-capabilitiessubentry' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.2 NAME ( 'ibm-effectiveAcl' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.3 NAME ( 'ibm-entryChecksum' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.4 NAME ( 'ibm-entryChecksumOp' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.5 NAME ( 'ibm-entryUuid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.6 NAME ( 'ibm-replicationIsQuiesced' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.7 NAME ( 'ibm-replicationThisServerIsMaster' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.8 NAME ( 'ownerPropagate' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.4.9 NAME ( 'ownerSource' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.1 NAME ( 'ibm-enabledCapabilities' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.2 NAME ( 'ibm-slapdWriteTimeout' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.3 NAME ( 'lomreturnsuccessfuloperations' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.4 NAME ( 'lomallowedattributes' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.5 NAME ( 'lomreturnfailedoperations' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.6 NAME ( 'lomreturnqueuename' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.7 NAME ( 'lommaymodifyentries' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.8 NAME ( 'lommayaddentries' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.5.9 NAME ( 'lommaydeleteentries' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.1 NAME ( 'ibm-replicaserverid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.2 NAME ( 'ibm-replicationserverismaster' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.3 NAME ( 'ibm-replicaconsumerid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.4 NAME ( 'ibm-replicationonhold' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.5 NAME ( 'ibm-replicacredentialsdn' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) attributetype ( 1.3.6.1.4.1.20081.9.6.6 NAME ( 'ibm-replicaurl' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) # Standard object classes from RFC2256 # system schema #objectclass ( 2.5.6.1 NAME 'alias' # DESC 'RFC2256: an alias' # SUP top STRUCTURAL # MUST aliasedObjectName ) objectclass ( 1.3.6.1.4.1.20081.9.2.1 NAME 'udPerson' DESC 'RFC2256: a country' SUP top AUXILIARY MUST (cn $ sn $ uid $ authenid $ o $ ou $ passwordIsExpired $ passwordIsStruckOut $ sourcedirectory $ sourcedirectorydn $ sourcedirectoryuid $ c $ passwordmodifytimestamp) MAY (aclPropagate $ aclEntry $ aclSource $ entryOwner $ ibm-allGroups $ ibm-capabilitiessubentry $ ibm-effectiveAcl $ ibm-entryChecksum $ ibm-entryChecksumOp $ ibm-entryUuid $ ibm-replicationIsQuiesced $ ibm-replicationThisServerIsMaster $ ownerPropagate $ ownerSource $ mail $ givenName $ preferredLanguage) ) objectclass ( 1.3.6.1.4.1.20081.9.2.2 NAME 'UDGroupOfUniqueNames' DESC 'RFC2256: a country' SUP top AUXILIARY MUST (admin $ expirationdate $ mode $ viewaccess ) MAY (aclPropagate $ aclEntry $ aclSource $ entryOwner $ ibm-allMembers $ ibm-capabilitiessubentry $ ibm-effectiveAcl $ ibm-entryChecksum $ ibm-entryChecksumOp $ ibm-entryUuid $ ibm-replicationIsQuiesced $ ibm-replicationThisServerIsMaster $ ownerPropagate $ ownerSource) ) objectclass ( 1.3.6.1.4.1.20081.9.2.3 NAME 'ibm-replicationContext' DESC 'RFC2256: a country' SUP top AUXILIARY ) objectclass ( 1.3.6.1.4.1.20081.9.2.4 NAME 'ibm-replicaGroup' DESC 'RFC2256: a country' SUP top STRUCTURAL MUST ibm-replicagroup ) objectclass ( 1.3.6.1.4.1.20081.9.2.5 NAME 'ibmCapabilitiesSubentry' DESC 'RFC2256: a country' SUP top AUXILIARY MUST (ibm-enabledCapabilities $ ibm-slapdWriteTimeout) ) objectclass ( 1.3.6.1.4.1.20081.9.2.6 NAME 'lomExploiterHost' DESC 'RFC2256: a country' SUP top AUXILIARY ) objectclass ( 1.3.6.1.4.1.20081.9.2.7 NAME 'eAccount' DESC 'RFC2256: a country' SUP top AUXILIARY MUST (uid $ o $ ou) ) objectclass ( 1.3.6.1.4.1.20081.9.2.8 NAME 'lomExploiter' DESC 'RFC2256: a country' SUP top AUXILIARY MUST (usercertificate $ cn ) MAY (lommaymodifyentries $ lomreturnqueuename $ lomreturnfailedoperations $ lomallowedattributes $ lomreturnsuccessfuloperations $ lommaydeleteentries $ lommayaddentries) ) objectclass ( 1.3.6.1.4.1.20081.9.2.9 NAME 'ibm-replicaSubentry' DESC 'RFC2256: a country' SUP top STRUCTURAL MUST (ibm-replicaserverid $ ibm-replicationserverismaster $ cn) MAY description ) objectclass ( 1.3.6.1.4.1.20081.9.2.10 NAME 'ibm-replicationAgreement' DESC 'RFC2256: a country' SUP top STRUCTURAL MUST (ibm-replicaconsumerid $ ibm-replicationonhold $ ibm-replicaurl $ ibm-replicacredentialsdn $ cn) MAY description ) 第四步:在运行窗口中输入services.msc启动service管理器,然后启动“OpenLDAP Directory Service”。 第五步:编辑或创建[ldap_browser_root]/localhost.cfg ################################# # LDAP Browser v2.8 config file # ################################# password=secret managerlogin=yes version=3 managereferrals=no leafindicatortype=int autoconnect=yes timeout=0 sorttree=ascending port=389 batchsize=0 supportsmovetree=no basedn=o=ibm.com host=localhost derefaliases=always sslport=636 limit=0 leafindicator=numsubordinates deleteolddn=yes managerdn=cn=Manager,o=ibm.com 第六步:运行LDAP-Browser-2.8.2/lbe.bat,启动LDAP Browser。 第七步:在“Session List"选择框中选择"localhost",然后点击"connect"按钮。 第八步:编辑或创建[ldap_browser_root]/ibm.ldif dn: o=ibm.com objectClass: top objectClass: organization o: ibm.com dn: ou=groups,o=ibm.com objectClass: organizationalUnit objectClass: top ou: groups dn: cn=ud,ou=groups,o=ibm.com objectClass: groupOfUniqueNames objectClass: top objectClass: UDGroupOfUniqueNames admin: uid=ZZZZZZ000WI,ou=persons,o=ibm.com cn: ud description: test expirationdate: 20050429 mode: memberlist o: ibm.com ou: groups owner: uid=ZZZZZZ000WI,ou=persons,o=ibm.com uniquemember: uid=ZZZZZZ000WI,ou=persons,o=ibm.com viewaccess: Owner/Admins aclEntry: group:CN=ANYBODY:normal:rsc:system:rsc:restricted:rsc aclPropagate: TRUE aclSource: default entryOwner: access-id:CN=ROOT ibm-allMembers: uid=ZZZZZZ000WI,ou=persons,o=ibm.com ibm-capabilitiessubentry: cn=ibm-capabilities,o=ibm.com ibm-effectiveAcl: group:CN=ANYBODY:restricted:rsc:system:rsc:normal:rsc ibm-entryChecksum: 425:11:19:7315B995:13C100EE ibm-entryChecksumOp: 108:5:5:83DE22E1:1C600A98 ibm-entryUuid: 430090c0-65a4-102a-817e-ac5c698b35e1 ibm-replicationIsQuiesced: FALSE ibm-replicationThisServerIsMaster: FALSE ownerPropagate: TRUE ownerSource: default dn: ou=persons,o=ibm.com objectClass: organizationalUnit objectClass: top ou: persons dn: uid=ZZZZZZ000WI,ou=persons,o=ibm.com objectclass: udPerson objectclass: top objectclass: person authenid: ud@ibm.com c: us cn: ud givenname: ud mail: ud@ibm.com o: ibm.com ou: persons userPassword: ud passwordisexpired: false passwordisstruckout: false passwordmodifytimestamp: 20060512 sn: ud sourcedirectory: WI sourcedirectorydn: IBMuniqueIdentifier=uid=ZZZZZZ000,cn=people,c=US,l=world sourcedirectoryuid: ZZZZZZ000 uid: ZZZZZZ000WI aclEntry: group:CN=ANYBODY:normal:rsc:system:rsc:restricted:rsc aclPropagate: TRUE aclSource: default entryOwner: access-id:CN=ROOT ibm-capabilitiessubentry: cn=ibm-capabilities,o=ibm.com ibm-effectiveAcl: group:CN=ANYBODY:restricted:rsc:system:rsc:normal:rsc ibm-entryChecksum: 198:17:19:86C67C86:82801FF3 ibm-entryChecksumOp: 102:5:5:6C7521C5:3D3D0C8E ibm-entryUuid: 8b422a40-7609-102a-9b1c-862c2bb65bb2 ibm-replicationIsQuiesced: FALSE ibm-replicationThisServerIsMaster: FALSE ownerPropagate: TRUE ownerSource: default 第九步:在左栏中选择“o=ibm.com”,然后选择“LDIF->Import”,在对话框中浏览选择“ibm.ldif”,最后点击“Import”按钮,完成全部安装。 声明:ITeye文章版权属于作者,受法律保护。没有作者书面许可不得转载。
推荐链接
|
|
返回顶楼 | |