README revision 4b4c3a2028eea921136be5b4717c69c074b4982e
Sample 6 - LiveSync Between Two LDAP Servers
--------------------------------------------
Copyright (c) 2012 ForgeRock AS
This work is licensed under a Creative Commons Attribution-
NonCommercial-NoDerivs 3.0 Unported License. See
This sample demonstrates use of two real LDAP connections, and both
reconciliation and LiveSync. To simplify setup, both provisioners point to the
same LDAP server, and only use different base DNs, so you can simulate use of
two directory servers with a single OpenDJ directory server, for example.
For documentation pertaining to this example see:
To prepare to run the sample, download OpenDJ directory server from
http://forgerock.org/opendj.html. Install OpenDJ using QuickSetup:
* Use "password" as the password for cn=Directory Manager.
* When presented with Topology Options, be sure to choose "This server
will be part of a replication topology" to ensure the change log is set
up.
* Import samples/sample6/data/Example.ldif during installation.
* After OpenDJ installation completes, click Launch Control Panel, then
use the New Base DN... window to create ou=people,o=ad and import
samples/sample6/data/AD.ldif into the same userRoot database as
you used by default for Example.ldif.
The directory server should now show one user under dc=example,dc=com with DN,
uid=jdoe,ou=People,dc=example,dc=com, and no other entries under ou=people,o=ad.
To run the sample in OpenIDM, follow these steps.
to change the port from 4389 to 1389 (or other port number where OpenDJ
listens for LDAP).
2. Start OpenIDM with the configuration for sample 6.
$ cd /path/to/openidm
$ ./startup.sh -p samples/sample6
3. Run reconciliation.
$ curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --request POST "http://localhost:8080/openidm/recon?_action=recon&mapping=systemLdapAccounts_managedUser"
{"reconId":"d88ca423-d5f2-4eb5-a451-a229399f92af"}
4. Check that the user was added under ou=people,o=ad.
$ cd /path/to/OpenDJ/bin
$ ./ldapsearch -p 1389 -b ou=people,o=ad "(uid=jdoe)"
dn: uid=jdoe,ou=people,o=ad
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
givenName: John
description: Created for OpenIDM
uid: jdoe
cn: John Doe
sn: Doe
mail: jdoe@example.com
to set "enabled" : true. LiveSync causes synchronization to happen as you
make changes.
6. Using the OpenDJ Control Panel, add a new user under
ou=People,dc=example,dc=com, and then check the result under
ou=people,o=ad.
$ ./ldapsearch -p 1389 -b ou=people,o=ad "(uid=*)" cn description
dn: uid=jdoe,ou=people,o=ad
description: Created for OpenIDM
cn: John Doe
dn: uid=bdobbs,ou=people,o=ad
description: Created to see LiveSync work
cn: Bob Dobbs