bravewu
- 浏览: 49403 次
- 性别:
- 来自: 大连
-
文章分类
最新评论
-
a5193806:
可以很强势
破解WebSphere Application Server加密密码的方法 -
wangqh_2008:
这个方法不错。只能在测评环境。
无需重复输入用户名和密码就可以直接进入WAS控制台的方法 -
wangqh_2008:
有点没有看明白呀,你在WAS控制台已经配置LDAP主机名和端口 ...
如何从WAS上动态获取LDAP服务器主机名称和端口号 -
wangqh_2008:
支持开源,盗版的有风险呀
偶常用的开源工具 -
badwood:
有人说:既然已经能够接触到was所在的文件系统,可以直接编辑& ...
破解WebSphere Application Server加密密码的方法
IBM的大多Web项目都是使用LDAP来做用户认证,而其中很多又是使用一种名叫UD(Unify Directory)的LDAP服务器。我初到IBM工作时,我所在项目开发所用的测试服务器都是用美国的,感觉很不方便,心里想,为什么不可以直接在本地安装一个LDAP服务器呢?带这个疑问,我在这个项目组工作了一年多。终于有一天我成功地在我本地电脑上安装了一个和美国完全一样的LDAP测试服务器。从此,我再不需要连到美国去才能起动我的WAS或WPS了。感觉真好啊!
以下便是我在本地安装这个UD的全过程,希望对大家有所帮助:
首先列一下安装UD所需的全部文件:
所需软件:
1. openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe
2. LDAP-Browser-2.8.2.zip
这两个软件都是属于开源软件,不涉及版权问题,可以自由使用。
配置文件:
1. [open_ladp_root]/slapd.conf
2. [open_ladp_root]/schema/ud.schema
3. [ldap_browser_root]/localhost.cfg
LDAP测试用户数据:[ldap_browser_root]/ibm.ldif
以上文件均包含在本文的附件中。
请点击:
下载。
Pathes中包含所需的配置文件1和2。
而配置文件3和测试用户数据文件则已包含在了LDAP-Browser-2.8.2.zip中。
下面让我们来开始安装:
第一步:运行openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe,按照默认选项完成openldap服务器的安装。
第二步:编辑slapd.conf:
第三步:创建ud.schema
第四步:在运行窗口中输入services.msc启动service管理器,然后启动“OpenLDAP Directory Service”。
第五步:编辑或创建[ldap_browser_root]/localhost.cfg
第六步:运行LDAP-Browser-2.8.2/lbe.bat,启动LDAP Browser。
第七步:在“Session List"选择框中选择"localhost",然后点击"connect"按钮。
第八步:编辑或创建[ldap_browser_root]/ibm.ldif
第九步:在左栏中选择“o=ibm.com”,然后选择“LDIF->Import”,在对话框中浏览选择“ibm.ldif”,最后点击“Import”按钮,完成全部安装。
以下便是我在本地安装这个UD的全过程,希望对大家有所帮助:
首先列一下安装UD所需的全部文件:
所需软件:
1. openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe
2. LDAP-Browser-2.8.2.zip
这两个软件都是属于开源软件,不涉及版权问题,可以自由使用。
配置文件:
1. [open_ladp_root]/slapd.conf
2. [open_ladp_root]/schema/ud.schema
3. [ldap_browser_root]/localhost.cfg
LDAP测试用户数据:[ldap_browser_root]/ibm.ldif
以上文件均包含在本文的附件中。
请点击:
下载。
Pathes中包含所需的配置文件1和2。
而配置文件3和测试用户数据文件则已包含在了LDAP-Browser-2.8.2.zip中。
下面让我们来开始安装:
第一步:运行openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe,按照默认选项完成openldap服务器的安装。
第二步:编辑slapd.conf:
# # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # ucdata-path ./ucdata include ./schema/core.schema include ./schema/cosine.schema include ./schema/misc.schema include ./schema/inetorgperson.schema include ./schema/ud.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap:/root.openldap.org pidfile ./run/slapd.pid argsfile ./run/slapd.args # Load dynamic backend modules: # modulepath ./libexec/openldap # moduleload back_bdb.la # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la # moduleload back_shell.la # Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple bind # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DSEs: # Allow self write access # Allow authenticated users read access # Allow anonymous users to authenticate # Directives needed to implement policy: # access to dn.base="" by * read # access to dn.base="cn=Subschema" by * read # access to * # by self write # by users read # by anonymous auth # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # BDB database definitions ####################################################################### database bdb suffix "o=ibm.com" rootdn "cn=Manager,o=ibm.com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory ./data # Indices to maintain index objectClass eq
第三步:创建ud.schema
# Unify Directory schema
# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.68.2.6 2005/01/20 17:01:18 kurt Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2005 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
#
## Portions Copyright (C) The Internet Society (1997-2003).
## All Rights Reserved.
##
## This document and translations of it may be copied and furnished to
## others, and derivative works that comment on or otherwise explain it
## or assist in its implementation may be prepared, copied, published
## and distributed, in whole or in part, without restriction of any
## kind, provided that the above copyright notice and this paragraph are
## included on all such copies and derivative works. However, this
## document itself may not be modified in any way, such as by removing
## the copyright notice or references to the Internet Society or other
## Internet organizations, except as needed for the purpose of
## developing Internet standards in which case the procedures for
## copyrights defined in the Internet Standards process must be
## followed, or as required to translate it into languages other than
## English.
##
## The limited permissions granted above are perpetual and will not be
## revoked by the Internet Society or its successors or assigns.
##
## This document and the information contained herein is provided on an
## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
#
#
# Includes LDAPv3 schema items from:
# RFC 2252/2256 (LDAPv3)
#
# Select standard track schema items:
# RFC 1274 (uid/dc)
# RFC 2079 (URI)
# RFC 2247 (dc/dcObject)
# RFC 2587 (PKI)
# RFC 2589 (Dynamic Directory Services)
#
# Select informational schema items:
# RFC 2377 (uidObject)
#
# Standard attribute types from RFC 2256
#
# system schema
#attributetype ( 2.5.4.0 NAME 'objectClass'
# DESC 'RFC2256: object classes of the entity'
# EQUALITY objectIdentifierMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
# system schema
#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
# DESC 'RFC2256: name of aliased object'
# EQUALITY distinguishedNameMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.20081.9.1.1 NAME ( 'ibm-replicagroup' )
DESC 'RFC1274: RFC822 Mailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.2 NAME ( 'ibm-allGroups' )
DESC 'RFC1274: RFC822 Mailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.3 NAME ( 'authenid' )
DESC 'RFC1274: RFC822 Mailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.4 NAME ( 'sourcedirectoryuid' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.5 NAME ( 'sourcedirectorydn' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.6 NAME ( 'passwordIsStruckOut' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.7 NAME ( 'sourcedirectory' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.8 NAME ( 'passwordIsExpired' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.1.9 NAME ( 'passwordmodifytimestamp' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.1 NAME ( 'mode' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.2 NAME ( 'viewaccess' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.3 NAME ( 'expirationdate' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.4 NAME ( 'admin' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.5 NAME ( 'aclPropagate' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.6 NAME ( 'aclSource' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.7 NAME ( 'aclEntry' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.8 NAME ( 'entryOwner' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.3.9 NAME ( 'ibm-allMembers' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.1 NAME ( 'ibm-capabilitiessubentry' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.2 NAME ( 'ibm-effectiveAcl' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.3 NAME ( 'ibm-entryChecksum' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.4 NAME ( 'ibm-entryChecksumOp' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.5 NAME ( 'ibm-entryUuid' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.6 NAME ( 'ibm-replicationIsQuiesced' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.7 NAME ( 'ibm-replicationThisServerIsMaster' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.8 NAME ( 'ownerPropagate' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.4.9 NAME ( 'ownerSource' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.1 NAME ( 'ibm-enabledCapabilities' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.2 NAME ( 'ibm-slapdWriteTimeout' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.3 NAME ( 'lomreturnsuccessfuloperations' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.4 NAME ( 'lomallowedattributes' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.5 NAME ( 'lomreturnfailedoperations' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.6 NAME ( 'lomreturnqueuename' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.7 NAME ( 'lommaymodifyentries' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.8 NAME ( 'lommayaddentries' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.5.9 NAME ( 'lommaydeleteentries' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.1 NAME ( 'ibm-replicaserverid' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.2 NAME ( 'ibm-replicationserverismaster' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.3 NAME ( 'ibm-replicaconsumerid' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.4 NAME ( 'ibm-replicationonhold' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.5 NAME ( 'ibm-replicacredentialsdn' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.20081.9.6.6 NAME ( 'ibm-replicaurl' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# Standard object classes from RFC2256
# system schema
#objectclass ( 2.5.6.1 NAME 'alias'
# DESC 'RFC2256: an alias'
# SUP top STRUCTURAL
# MUST aliasedObjectName )
objectclass ( 1.3.6.1.4.1.20081.9.2.1 NAME 'udPerson'
DESC 'RFC2256: a country'
SUP top AUXILIARY
MUST (cn $ sn $ uid $ authenid $ o $ ou $ passwordIsExpired $ passwordIsStruckOut $ sourcedirectory $ sourcedirectorydn $ sourcedirectoryuid $ c $ passwordmodifytimestamp)
MAY (aclPropagate $ aclEntry $ aclSource $ entryOwner $ ibm-allGroups $ ibm-capabilitiessubentry $ ibm-effectiveAcl $ ibm-entryChecksum $ ibm-entryChecksumOp $ ibm-entryUuid $ ibm-replicationIsQuiesced $ ibm-replicationThisServerIsMaster $ ownerPropagate $ ownerSource $ mail $ givenName $ preferredLanguage)
)
objectclass ( 1.3.6.1.4.1.20081.9.2.2 NAME 'UDGroupOfUniqueNames'
DESC 'RFC2256: a country'
SUP top AUXILIARY
MUST (admin $ expirationdate $ mode $ viewaccess )
MAY (aclPropagate $ aclEntry $ aclSource $ entryOwner $ ibm-allMembers $ ibm-capabilitiessubentry $ ibm-effectiveAcl $ ibm-entryChecksum $ ibm-entryChecksumOp $ ibm-entryUuid $ ibm-replicationIsQuiesced $ ibm-replicationThisServerIsMaster $ ownerPropagate $ ownerSource)
)
objectclass ( 1.3.6.1.4.1.20081.9.2.3 NAME 'ibm-replicationContext'
DESC 'RFC2256: a country'
SUP top AUXILIARY
)
objectclass ( 1.3.6.1.4.1.20081.9.2.4 NAME 'ibm-replicaGroup'
DESC 'RFC2256: a country'
SUP top STRUCTURAL
MUST ibm-replicagroup
)
objectclass ( 1.3.6.1.4.1.20081.9.2.5 NAME 'ibmCapabilitiesSubentry'
DESC 'RFC2256: a country'
SUP top AUXILIARY
MUST (ibm-enabledCapabilities $ ibm-slapdWriteTimeout)
)
objectclass ( 1.3.6.1.4.1.20081.9.2.6 NAME 'lomExploiterHost'
DESC 'RFC2256: a country'
SUP top AUXILIARY
)
objectclass ( 1.3.6.1.4.1.20081.9.2.7 NAME 'eAccount'
DESC 'RFC2256: a country'
SUP top AUXILIARY
MUST (uid $ o $ ou)
)
objectclass ( 1.3.6.1.4.1.20081.9.2.8 NAME 'lomExploiter'
DESC 'RFC2256: a country'
SUP top AUXILIARY
MUST (usercertificate $ cn )
MAY (lommaymodifyentries $ lomreturnqueuename $ lomreturnfailedoperations $ lomallowedattributes $ lomreturnsuccessfuloperations $ lommaydeleteentries $ lommayaddentries)
)
objectclass ( 1.3.6.1.4.1.20081.9.2.9 NAME 'ibm-replicaSubentry'
DESC 'RFC2256: a country'
SUP top STRUCTURAL
MUST (ibm-replicaserverid $ ibm-replicationserverismaster $ cn)
MAY description
)
objectclass ( 1.3.6.1.4.1.20081.9.2.10 NAME 'ibm-replicationAgreement'
DESC 'RFC2256: a country'
SUP top STRUCTURAL
MUST (ibm-replicaconsumerid $ ibm-replicationonhold $ ibm-replicaurl $ ibm-replicacredentialsdn $ cn)
MAY description
)
第四步:在运行窗口中输入services.msc启动service管理器,然后启动“OpenLDAP Directory Service”。
第五步:编辑或创建[ldap_browser_root]/localhost.cfg
################################# # LDAP Browser v2.8 config file # ################################# password=secret managerlogin=yes version=3 managereferrals=no leafindicatortype=int autoconnect=yes timeout=0 sorttree=ascending port=389 batchsize=0 supportsmovetree=no basedn=o=ibm.com host=localhost derefaliases=always sslport=636 limit=0 leafindicator=numsubordinates deleteolddn=yes managerdn=cn=Manager,o=ibm.com
第六步:运行LDAP-Browser-2.8.2/lbe.bat,启动LDAP Browser。
第七步:在“Session List"选择框中选择"localhost",然后点击"connect"按钮。
第八步:编辑或创建[ldap_browser_root]/ibm.ldif
dn: o=ibm.com objectClass: top objectClass: organization o: ibm.com dn: ou=groups,o=ibm.com objectClass: organizationalUnit objectClass: top ou: groups dn: cn=ud,ou=groups,o=ibm.com objectClass: groupOfUniqueNames objectClass: top objectClass: UDGroupOfUniqueNames admin: uid=ZZZZZZ000WI,ou=persons,o=ibm.com cn: ud description: test expirationdate: 20050429 mode: memberlist o: ibm.com ou: groups owner: uid=ZZZZZZ000WI,ou=persons,o=ibm.com uniquemember: uid=ZZZZZZ000WI,ou=persons,o=ibm.com viewaccess: Owner/Admins aclEntry: group:CN=ANYBODY:normal:rsc:system:rsc:restricted:rsc aclPropagate: TRUE aclSource: default entryOwner: access-id:CN=ROOT ibm-allMembers: uid=ZZZZZZ000WI,ou=persons,o=ibm.com ibm-capabilitiessubentry: cn=ibm-capabilities,o=ibm.com ibm-effectiveAcl: group:CN=ANYBODY:restricted:rsc:system:rsc:normal:rsc ibm-entryChecksum: 425:11:19:7315B995:13C100EE ibm-entryChecksumOp: 108:5:5:83DE22E1:1C600A98 ibm-entryUuid: 430090c0-65a4-102a-817e-ac5c698b35e1 ibm-replicationIsQuiesced: FALSE ibm-replicationThisServerIsMaster: FALSE ownerPropagate: TRUE ownerSource: default dn: ou=persons,o=ibm.com objectClass: organizationalUnit objectClass: top ou: persons dn: uid=ZZZZZZ000WI,ou=persons,o=ibm.com objectclass: udPerson objectclass: top objectclass: person authenid: ud@ibm.com c: us cn: ud givenname: ud mail: ud@ibm.com o: ibm.com ou: persons userPassword: ud passwordisexpired: false passwordisstruckout: false passwordmodifytimestamp: 20060512 sn: ud sourcedirectory: WI sourcedirectorydn: IBMuniqueIdentifier=uid=ZZZZZZ000,cn=people,c=US,l=world sourcedirectoryuid: ZZZZZZ000 uid: ZZZZZZ000WI aclEntry: group:CN=ANYBODY:normal:rsc:system:rsc:restricted:rsc aclPropagate: TRUE aclSource: default entryOwner: access-id:CN=ROOT ibm-capabilitiessubentry: cn=ibm-capabilities,o=ibm.com ibm-effectiveAcl: group:CN=ANYBODY:restricted:rsc:system:rsc:normal:rsc ibm-entryChecksum: 198:17:19:86C67C86:82801FF3 ibm-entryChecksumOp: 102:5:5:6C7521C5:3D3D0C8E ibm-entryUuid: 8b422a40-7609-102a-9b1c-862c2bb65bb2 ibm-replicationIsQuiesced: FALSE ibm-replicationThisServerIsMaster: FALSE ownerPropagate: TRUE ownerSource: default
第九步:在左栏中选择“o=ibm.com”,然后选择“LDIF->Import”,在对话框中浏览选择“ibm.ldif”,最后点击“Import”按钮,完成全部安装。
- 大小: 20.3 KB
- UDInstallationFiles.zip (2.2 MB)
- 下载次数: 302
- 大小: 18.5 KB
- 大小: 9.3 KB
- 大小: 13.2 KB
- 大小: 9.6 KB
分享到:
发表评论
相关推荐
3. 配置MQ服务器连接:在安装过程中,可以配置连接到IBM MQ服务器的参数,如主机名、端口、队列管理器名称等。这些信息需提前从MQ管理员处获取。 4. 安装完成后,可以在“开始”菜单找到IBM MQ Explorer的快捷方式...
初学 IBM MQ,找遍了资料,都是5.x的,经过一个星期的奋斗,终于搞通了.
官网下载IBM MQ需要登录,这是试用版的IBM_MQ_9.1_WINDOWS_TRIAL.zip,文档中时网盘的下载链接和提取码,下载后解压直接安装Setup.exe就行
7. 应用程序开发工具:如Visual Basic或Visual Studio的控件,便于开发人员在Windows环境下构建与IBM i交互的应用。 在标签中提到的"IBM驱动"可能指的是iSeries Access提供的各种驱动程序,它们是连接到IBM i系统的...
在安装Windows Server 2008 R2操作系统之前,需要进行一些准备工作,以确保安装过程顺利进行。 1. **配置RAID**:为了保障数据的安全性和系统的性能,建议在安装操作系统之前先配置好RAID。配置方法可以参考相关的...
在安装过程中要注意,使用ServerGuide光盘会清除硬盘上的所有数据,所以在安装前务必备份重要数据,除非你已经做好了数据迁移或选择了其他安装方式。 在安装过程中可能会遇到的阵列配置选项有: - RAID Defaults:...
在Windows 64位操作系统环境下,确保数据稳定访问和高效传输的关键技术之一是多路径I/O (MPIO)。MPIO是一种功能,它允许多个物理路径连接到同一个存储设备,以提高系统的冗余和容错能力,防止单一路径故障导致的服务...
IBM x3250 M5 的系统安装特别麻烦,本人安装后,为了节省大家的时间,特写此文档,给大家提供帮助。
IBM Tivoli Storage Manager for Windows V5.2 是一个强大的数据备份与恢复解决方案,适用于需要在Windows环境中部署可靠的数据保护措施的企业。该软件支持多种网络环境,具有丰富的功能特性,并且提供了详细的安装...
### IBM RSA工具包在Windows上的安装步骤 IBM Rational Software Architect(简称RSA)是一款强大的建模与设计工具,广泛应用于软件开发领域。对于初次接触IBM RSA的用户来说,正确的安装过程至关重要。本文将根据...
在IT领域,IBM的TotalStorage Product Suite (TSM) 是一款功能强大的数据备份与恢复解决方案,广泛应用于企业级数据管理。...在安装完成后,持续的监控和定期的维护同样重要,以保持TSM系统的稳定性和高效性。
### IBM Informix Dynamic Server for Windows 安装指南 #### 知识点一:IBM Informix Dynamic Server 概述 - **定义与用途**:IBM Informix Dynamic Server (IDS) 是一款高性能、高可用性的数据库管理系统,它专...
根据给定的文件信息,我们可以总结出关于IBM Tivoli Directory Server 6.0 (TDS)在Windows环境下的安装与配置的关键知识点: ### 1. 安装前的准备 #### 1.1 Windows操作系统 确保使用的是支持TDS 6.1的Windows操作...
4. 配置硬件:在安装过程中,系统会检测硬件并要求确认配置。 5. 安装软件:按照向导提示,选择安装选项并等待安装完成。 二、配置IBM SVC管理口IP 管理口IP的设置对于远程管理和监控SVC至关重要。在安装完成后,...
IBM X3650 M5安装windows2008 32位操作系统方法
IBM MQ,全称为IBM WebSphere MQ,是一款由IBM公司开发的消息中间件产品,它在企业级应用集成中扮演着至关重要的角色。IBM MQ 7.5.0是该产品的特定版本,专为Windows操作系统设计。这个版本包含了所有必要的组件和...
在本教程中,我们将深入探讨如何在Windows XP操作系统上安装IBM DB2数据库管理系统,并通过Toad for DB2客户端进行访问。DB2是IBM提供的一款强大、可靠的数据库解决方案,广泛应用于企业级应用。以下是对整个过程的...
资源名称:IBM MQ7.5安装配置(Win)内容简介: IBM的MQ网上安装部署的资料比较少见,抽空整理了一个,截图,都图形化的操作界面,适用于初学者。熟悉了以后,就不用图形了,直接敲命令行就可以了。资源截图: 资源太...
在安装IBM MQ 9.1 for Windows 试用版时,"MQServer"可能包含以下组件: 1. 安装程序和许可证文件:用于安装和激活IBM MQ服务器。 2. 配置工具:如MQ Explorer,用于配置队列管理器、队列和通道等。 3. 示例代码和...