README revision 245d622535c32563b59ef5027b1171167ba9b451
Sample 6 - LiveSync Between Two LDAP Servers
--------------------------------------------
Copyright (c) 2012 ForgeRock AS
This work is licensed under a Creative Commons Attribution-
NonCommercial-NoDerivs 3.0 Unported License. See
http://creativecommons.org/licenses/by-nc-nd/3.0/

This sample demonstrates use of two real LDAP connections, and both
reconciliation and LiveSync. To simplify setup, both provisioners point to the
same LDAP server, and only use different base DNs, so you can simulate use of
two directory servers with a single OpenDJ directory server, for example.

For documentation pertaining to this example see:
http://openidm.forgerock.org/doc/install-guide/index.html#more-sample6

To prepare to run the sample, download OpenDJ directory server from
http://forgerock.org/opendj.html. Install OpenDJ using QuickSetup:

 * Use "password" as the password for cn=Directory Manager.
 * When presented with Topology Options, be sure to choose "This server
   will be part of a replication topology" to ensure the change log is set
   up.
 * Import samples/sample6/data/Example.ldif during installation.
 * After OpenDJ installation completes, click Launch Control Panel, then
   use the New Base DN... window to create ou=people,o=ad and import
   samples/sample6/data/AD.ldif into the same userRoot database as
   you used by default for Example.ldif.

The directory server should now show one user under dc=example,dc=com, with DN
uid=jdoe,ou=People,dc=example,dc=com, and no other entries under ou=people,o=ad.

To run the sample in OpenIDM, follow these steps.

 1. Edit /path/to/openidm/samples/sample6/conf/provisioner.openicf-ad.json
    to change the port from 4389 to 1389 (or other port number where OpenDJ
    listens for LDAP).

 2. Start OpenIDM with the configuration for sample 6.

    $ cd /path/to/openidm
    $ ./startup.sh -p samples/sample6

 3. Run reconciliation.

    $ curl --header "X-OpenIDM-Username: openidm-admin" \
           --header "X-OpenIDM-Password: openidm-admin" \
           --request POST \
           "http://localhost:8080/openidm/recon?_action=recon&mapping=systemLdapAccounts_managedUser"
    {"reconId":"d88ca423-d5f2-4eb5-a451-a229399f92af"}

 4. Check that the user was added under ou=people,o=ad.

    $ cd /path/to/OpenDJ/bin
    $ ./ldapsearch -p 1389 -b ou=people,o=ad "(uid=jdoe)"
    dn: uid=jdoe,ou=people,o=ad
    objectClass: person
    objectClass: inetOrgPerson
    objectClass: organizationalPerson
    objectClass: top
    givenName: John
    description: Created for OpenIDM
    uid: jdoe
    cn: John Doe
    sn: Doe
    mail: jdoe@example.com

 5. Edit samples/sample6/conf/schedule-activeSynchroniser_systemLdapAccount.json
    to set "enabled" : true. LiveSync causes synchronization to happen as you
    make changes.

 6. Using the OpenDJ Control Panel, add a new user under
    ou=People,dc=example,dc=com, and then check the result under
    ou=people,o=ad.

    $ ./ldapsearch -p 1389 -b ou=people,o=ad "(uid=*)" cn description
    dn: uid=jdoe,ou=people,o=ad
    description: Created for OpenIDM
    cn: John Doe

    dn: uid=bdobbs,ou=people,o=ad
    description: Created to see LiveSync work
    cn: Bob Dobbs
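
The checks in steps 4 and 6 can be scripted rather than read by eye. The
following is an added example, not part of the OpenIDM sample: it lists uids
present under the source base DN but missing under the target. The function
names, the asmith entry and the LDIF samples are constructed for illustration.

```shell
# Added example, not part of the OpenIDM sample. LDIF inputs below are constructed.
# ldif_uids: read ldapsearch LDIF on stdin, print each entry's uid (leading RDN).
# Unfolds LDIF continuation lines (a leading space continues the previous line).
# Assumption: DNs are plain "dn: uid=..." (no base64 "dn::", no escaped commas).
ldif_uids() {
    awk '
        function emit(   v) {
            if (tolower(buf) ~ /^dn: uid=/) {
                v = substr(buf, 9); sub(/,.*/, "", v); print tolower(v)
            }
        }
        /^ / { buf = buf substr($0, 2); next }   # folded line: append
             { emit(); buf = $0 }                # new line: flush previous
        END  { emit() }
    ' | LC_ALL=C sort -u
}

# missing_in_target SRC_LDIF TGT_LDIF: print uids found in source but not target.
missing_in_target() {
    a=$(mktemp); b=$(mktemp)
    printf '%s\n' "$1" | ldif_uids > "$a"
    printf '%s\n' "$2" | ldif_uids > "$b"
    LC_ALL=C comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# Constructed source: asmith is hypothetical and its DN is folded mid-value.
sample_source() { cat <<'EOF'
dn: uid=jdoe,ou=People,dc=example,dc=com
cn: John Doe

dn: uid=bdobbs,ou=People,dc=example,dc=com
cn: Bob Dobbs

dn: uid=asm
 ith,ou=People,dc=example,dc=com
cn: Alice Smith
EOF
}

# Constructed target, matching the state after step 6.
sample_target() { cat <<'EOF'
dn: uid=jdoe,ou=people,o=ad

dn: uid=bdobbs,ou=people,o=ad
EOF
}

missing_in_target "$(sample_source)" "$(sample_target)"
```

Against the running sample, pass the output of ./ldapsearch -p 1389 with
-b ou=People,dc=example,dc=com and with -b ou=people,o=ad as the two arguments;
an empty result means every source uid has a counterpart under ou=people,o=ad.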