Build LDAP server under Windows

Source: Internet
Author: User
Tags ldap openldap

With nothing to do over the 5/1 (May Day) holiday, and with the project currently in UAT, I took the time to study LDAP. These are my notes for future reference.

For readability, first: what is LDAP?

Preface: the Lightweight Directory Access Protocol

The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying directory services running over TCP/IP (via Wikipedia). In other words, LDAP is a protocol built on TCP/IP for querying and modifying directory services. That is the wiki's definition, but it raises the next question: what is a directory service?

As the wiki says: in the software industry, a directory is like a dictionary. It maps names to values, so that a value can be looked up by the name it is bound to, a bit like the concept of a Map in Java. A directory service is simply the software system that stores, organizes and provides access to information in a directory. An LDAP directory can store various types of data: e-mail addresses, message routing information, human resources data, public keys, contact lists, and so on.

OK, to the point. After a Google search for "Windows LDAP server", I settled on a popular option: OpenLDAP.

I. OpenLDAP installation and configuration

Installation is relatively simple: just keep clicking Next.

Remember to select the two options shown above, which register LDAP as a system service. The default installation location is C:\Program Files\openldap.

Go to the installation directory and edit the slapd.conf file:

Find:

ucdata-path ./ucdata
include ./schema/core.schema

Add the following below it (note that the paths may vary slightly depending on your installation location):

include ./schema/core.schema (this line is already in the original file; if you add it again it is duplicated and slapd will not start normally, so add everything except this line)
include ./schema/corba.schema
include ./schema/dyngroup.schema
include ./schema/java.schema
include ./schema/misc.schema
include ./schema/cosine.schema
include ./schema/nis.schema
include ./schema/inetorgperson.schema
include ./schema/openldap.schema

After this is done, further down in the same file (around lines 65-66), modify:

suffix "o=anotherbug,c=com" (if you copy and paste this, the quotation marks may turn into Chinese full-width quotes; make sure they are English quotation marks, otherwise startup is affected)
rootdn "cn=manager,o=anotherbug,c=com"

Around line 70 there is: rootpw secret. Replace secret here with the hashed form of the password.

Specific operation:

Open the command line, navigate to the installation directory, and enter: slappasswd -h {MD5} -s yourpassword (replace yourpassword with the password you want to set, without quotation marks)

Put the generated MD5 hash, {MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==, in place of the original secret.
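As an added illustration (not part of the original post), this Python sketch rebuilds the {MD5} and {SSHA} value formats that slappasswd emits. {MD5} is an unsalted digest, so a given password always produces the same rootpw value, whereas {SSHA}, slappasswd's default scheme, mixes in a random salt and is the better choice for rootpw. The function names are assumptions of this example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def md5_scheme(password: str) -> str:
    """{MD5}: base64 of the raw MD5 digest, with no salt."""
    digest = hashlib.md5(password.encode("utf-8")).digest()
    return "{MD5}" + base64.b64encode(digest).decode("ascii")


def ssha_scheme(password: str, salt: Optional[bytes] = None) -> str:
    """{SSHA}: base64 of SHA-1(password + salt) followed by the salt."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def verify(password: str, stored: str) -> bool:
    """Check a password against a stored {MD5} or {SSHA} value."""
    scheme, _, b64 = stored.partition("}")
    raw = base64.b64decode(b64)
    data = password.encode("utf-8")
    if scheme.upper() == "{MD5":
        return hmac.compare_digest(hashlib.md5(data).digest(), raw)
    if scheme.upper() == "{SSHA":
        # SHA-1 digests are 20 bytes; everything after that is the salt.
        digest, salt = raw[:20], raw[20:]
        return hmac.compare_digest(hashlib.sha1(data + salt).digest(), digest)
    raise ValueError("unsupported scheme: " + scheme + "}")


if __name__ == "__main__":
    # Unsalted: the stock password "secret" always hashes to the same value.
    print(md5_scheme("secret"))
    # Salted: two runs over the same password give different values.
    print(ssha_scheme("secret"))
    print(ssha_scheme("secret"))
```
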

The configuration is now done and you can test the service. Open the command line, go to the installation directory and enter: slapd -d 1 (note that the command is slapd, not sldapd)

At this point the LDAP server is set up and can run. Next, let's test how to import data in LDIF format.

II. Create entries and import an LDIF file

LDIF: LDAP Data Interchange Format, a text-based format. There are two types of LDIF files: the first describes directory entry data, and the second describes updates to entries. Here we mainly look at how to describe entries.

Open an editor (such as EditPlus or UltraEdit) and create a new file test.ldif with the following content:

dn: o=anotherbug,c=com
objectclass: dcObject
objectclass: organization
o: anotherbug
dc: com

dn: uid=mousepoato,o=anotherbug,c=com
uid: mousepoato
objectclass: inetOrgPerson
mail: [email protected]
userpassword: admin
labeledURI: http://anotherbug.com/blog
sn: li
cn: test

Note that the LDIF file has strict formatting requirements: attribute names and values are separated by a colon and a space, and spaces are not allowed elsewhere. Otherwise, importing the LDIF file fails with errors such as "ldap_add: invalid syntax". Also, in testing on my machine, LDIF did not handle Chinese well: for example, when I changed the last line, cn: test, to a Chinese value (cn: "mouse potatoes" in Chinese), the import failed.
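RFC 2849 LDIF carries non-ASCII values as base64-encoded UTF-8 after a double colon (attr:: value), which is the standard way to write a Chinese cn into a file like the one above. The following Python serializer is an added example, not code from the original post; the helper names and the Chinese sample value are constructed for illustration.

```python
import base64


def _is_safe(value: str) -> bool:
    """RFC 2849 SAFE-STRING: ASCII only, no NUL/CR/LF, and it must not
    start with a space, ':' or '<' (a trailing space is also encoded)."""
    if value == "":
        return True
    if value[0] in " :<" or value[-1] == " ":
        return False
    return all(0 < ord(ch) < 128 and ch not in "\r\n" for ch in value)


def ldif_line(attr: str, value: str) -> str:
    """Return 'attr: value', or 'attr:: <base64 of UTF-8>' when unsafe."""
    if _is_safe(value):
        return f"{attr}: {value}"
    encoded = base64.b64encode(value.encode("utf-8")).decode("ascii")
    return f"{attr}:: {encoded}"


def ldif_entry(dn: str, attrs: list) -> str:
    """Serialize one entry; attrs is a list of (name, value) pairs."""
    lines = [ldif_line("dn", dn)]
    lines += [ldif_line(name, value) for name, value in attrs]
    return "\n".join(lines) + "\n"


# Constructed sample: the page's user entry with a Chinese cn value
# ("\u571f\u8c46", two Chinese characters) instead of cn: test.
SAMPLE = ldif_entry(
    "uid=mousepoato,o=anotherbug,c=com",
    [
        ("uid", "mousepoato"),
        ("objectclass", "inetOrgPerson"),
        ("sn", "li"),
        ("cn", "\u571f\u8c46"),
    ],
)

if __name__ == "__main__":
    print(SAMPLE)
```
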

Save the file to the installation directory, then enter at the command line:

ldapadd -c -x -D "cn=manager,o=anotherbug,c=com" -w "plaintext of the password that replaced secret" -f test.ldif

After running the command, the results are as follows:

Note that we pass the -c option to ldapadd so that it keeps running instead of terminating on an error, for example when an entry already exists on the server.

III. LDAP viewing tools

All of this may seem rather abstract, so we need a GUI to see what LDAP really looks like.

Two browsing tools are recommended here:

1. LdapBrowser

This is an LDAP browser/editor written in Java. It is not only cross-platform (Windows, Unix-like) but also fully functional and fast. When running, its interface looks like this.

2. Softerra LDAP Administrator

This is a relatively powerful and professional client that covers the LDAP service types of most enterprises.

After downloading and installing it, configuration is also relatively simple:

Create a new profile, named Local_ldap

Configure the connection information

This is the result of the complete configuration.

IV. Examples of manipulating LDAP through the JNDI API

JNDI, provided in the javax packages, wraps access to and querying of LDAP directory services, which is convenient and practical.

Here is the JUnit 4 code I wrote to test the LDAP server, for reference:

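import static org.junit.Assert.assertEquals;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.naming.NamingException;
import javax.naming.directory.DirContext;

// The page does not show its imports: Logger is assumed to be log4j 1.x and
// ReflectionToStringBuilder to come from commons-lang.
import org.apache.commons.lang.builder.ReflectionToStringBuilder;
import org.apache.log4j.Logger;
import org.junit.After;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

// TestLdap and JndiUitl are the author's own helper classes (not shown on this page).
public class TestLdapOper {
    private static Logger log = Logger.getLogger(TestLdapOper.class);
    DirContext context = null;
    TestLdap tldap = null;

    @Before
    public void init() throws NamingException {
        tldap = new TestLdap();
        context = tldap.getContext(); // Get the directory context
    }

    // Adds a new entry; ignored by default so a normal run does not modify the directory
    @Test
    @Ignore
    public void testInsert() throws NamingException {
        tldap.addEntry(context, "uid=ibm,o=anotherbug,c=com");
    }

    // Reads several attributes of the root entry and logs each name/value pair
    @SuppressWarnings("unchecked")
    @Test
    public void testGetAttributes() throws NamingException {
        List attNameList = new ArrayList();
        attNameList.add("O");
        attNameList.add("DC");
        attNameList.add("ObjectClass");
        Map map = JndiUitl.getAttributes(context, "o=anotherbug,c=com", attNameList);
        Iterator keyValuePairs = map.entrySet().iterator();
        for (int i = 0; i < map.size(); i++) {
            Map.Entry entry = (Map.Entry) keyValuePairs.next();
            Object key = entry.getKey();
            Object value = entry.getValue();
            log.info(key + "==key");
            log.info(value + "--value");
        }
    }

    // Reads all values of a single attribute and checks the expected ones
    @SuppressWarnings("unchecked")
    @Test
    public void testGetAttriValues() throws NamingException {
        assertEquals("Anotherbug.com", JndiUitl.getAttributeValues(context, "o=anotherbug,c=com", "DC").get(0) + "");
        List lst = new ArrayList();
        lst = JndiUitl.getAttributeValues(context, "o=anotherbug,c=com", "ObjectClass");
        assertEquals("organization", lst.get(1) + "");
        for (int i = 0; i < lst.size(); i++) {
            log.info(lst.get(i));
            log.info(ReflectionToStringBuilder.toString(lst.get(i)).toString());
        }
    }

    // Subtree search below the suffix, matching every entry
    @SuppressWarnings("unchecked")
    @Test
    public void testSearchContext() throws NamingException {
        List list = JndiUitl.searchContextSub(context, "o=anotherbug,c=com", "(objectclass=*)");
        for (int i = 0; i < list.size(); i++) {
            log.info(list.get(i));
        }
    }

    @After
    public void destroy() throws NamingException {
        context.close();
    }
}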

Addendum

Another LDAP tool: LDAP Admin Tool Professional

Official address: http://www.ldapsoft.com/index.html

Code for LDAP authentication from C#

It's in my space folder (the SkyDrive on this site):

Guangzhi > SkyDrive > Computer class Folder

http://cid-0a71bbfb566de45c.skydrive.live.com/self.aspx/%e8%ae%a1%e7%ae%97%e6%9c%ba%e7%b1%bb%e6%96%87%e4%bb%b6%e5%a4%b9/ldap4%5e_blog.rar
