README revision 7d83b6a03bd7b63f2eb6404d6cc1e4c074391ea7
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * Copyright (c) 2014 ForgeRock AS. All rights reserved.
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * The contents of this file are subject to the terms
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * of the Common Development and Distribution License
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * (the License). You may not use this file except in
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * compliance with the License.
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * You can obtain a copy of the License at
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * See the License for the specific language governing
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * permission and limitations under the License.
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * When distributing Covered Code, include this CDDL
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt * Header Notice in each file and include the License file
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * If applicable, add the following below the CDDL Header,
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * with the fields enclosed by brackets [] replaced by
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * your own identifying information:
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt * "Portions Copyrighted [year] [name of copyright owner]"
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan HuntSample 2b - Bi-directional LDAP <-> Internal Repository
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Hunt-------------------------------------------------------
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan HuntThe sample shows you reconciliation between the OpenIDM internal repository
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Huntand a local LDAP directory server, such as OpenDJ, with data flowing from
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan HuntOpenDJ into the internal repository, and from the internal repository into
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan HuntTo run this sample, launch OpenIDM with the sample configuration as follows:
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunthttp://openidm.forgerock.org/doc/install-guide/index.html#more-sample2b
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan HuntData for this sample is stored in data/Example.ldif. After you import
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Huntthe data, ou=People,dc=example,dc=com contains a single user entry. Although
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Huntall attributes to synchronize can be multi-valued in LDAP, this sample
a27dc50157eb8267becffcd800eb1abf7e16ae7cEvan Huntdefines only mail as a multi-valued attribute in OpenIDM.
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt* conf/provisioner.openicf-ldap.json configures the LDAP connector.
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt By default, the LDAP connector uses the following parameters:
"attributesToSynchronize" : [ "uid", "sn", "cn", "givenName", "mail", "description", "telephoneNumber" ],
$ curl -k -H "Content-type: application/json" -u "openidm-admin:openidm-admin" -X POST "https://localhost:8443/openidm/recon?_action=recon&mapping=systemLdapAccounts_managedUser"
$ curl -k -u "openidm-admin:openidm-admin" "https://localhost:8443/openidm/managed/user?_queryId=query-all-ids&_prettyPrint=true"