SIP Servlet Engine© Documentation
 

LDAP Server Configuration Guide

The sip-demo application (a demo application provided with SIP Servlet Engine) can retrieve user information from an LDAP server. This document describes how to configure the LDAP server used for this function. If you do not use sip-demo or this function, you can skip the following tasks.

This document assumes that the LDAP server you plan to configure is OpenLDAP. For instructions on installing OpenLDAP, see the OpenLDAP documentation.

Configuring OpenLDAP

Edit the OpenLDAP configuration file (slapd.conf) as follows, then start OpenLDAP.

database  ldbm
suffix    "o=oki.co.jp"
rootdn    "cn=admin,o=oki.co.jp"
rootpw    admin
directory /var/lib/ldap

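Change each property to suit your environment; in particular, replace the sample rootpw value admin, which slapd.conf stores in cleartext, with your own password or with a hash generated by slappasswd. The value specified in suffix should match the suffix of the LDAP server set in token.ldap.url in the install.properties file.

Execute the following commands to set the LDAP schema.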

$ cd ${SIPAP_HOME}/bin
$ ldapadd -x -D "cn=admin,o=oki.co.jp" -f ldap.ldif -w admin

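Change each ldapadd argument to suit your environment. Passing the password with -w leaves it in the shell history and the process list; -W makes ldapadd prompt for it instead. Do not change the value "people" set for "ou" in the "dn" settings in ldap.ldif.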

Registering Users with the LDAP Server

To register users with the LDAP server, prepare an LDIF file as shown below.

# user 1
dn: uid=111222, ou=people, o=oki.co.jp
objectclass: Top
objectclass: person
objectclass: organization
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: newPilotPerson
uid: 111222
cn: Oki Taro (written in Japanese)
cn: Taro Oki
sn: Oki (written in Japanese)
sn: Oki
o: Oki Denki Kougyou Kabushikigaisha (written in Japanese)
o: Oki Electric Industry Co., Ltd.
ou: 1 Bu 1 Ka (written in Japanese)
ou: 1bu1ka
employeenumber: 111222
mail: oki123@oki.com
telephonenumber: 03-111-1234
facsimileTelephoneNumber: 03-222-1234

For each of the user entry attributes cn (full name), sn (last name), o (company/organization), and ou (sub-organization), define two values: the first in Japanese and the second in English. Japanese text should be written in UTF-8. You can define multiple user entries.

To register this LDIF file, saved as users.ldif, with the LDAP server, execute the following command.

$ ldapadd -x -D "cn=admin, o=oki.co.jp" -f users.ldif -w admin

Change each ldapadd argument to suit your environment. Do not change the value "people" set for "ou" in the "dn" settings in users.ldif.
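A pre-load check for users.ldif, as an added example that is not part of the original guide or the SIP Servlet Engine distribution: it parses the file (including folded lines and base64 "attr::" values) and reports entries that break the rules above. The function names, the sample entries and their Japanese values are constructed for illustration, and the check assumes user entries sit directly under ou=people below the configured suffix.

```python
import base64

PAIRED = ("cn", "sn", "o", "ou")  # attributes the guide enters twice: Japanese, then English

def parse_ldif(data: bytes):
    """Split LDIF bytes into entries, each a list of (attribute, value) pairs."""
    text = data.decode("utf-8")          # non-UTF-8 input raises UnicodeDecodeError
    text = text.replace("\r\n", "\n").replace("\n ", "")   # unfold continuation lines
    entries = []
    for block in text.split("\n\n"):
        pairs = []
        for line in block.split("\n"):
            attr, sep, rest = line.partition(":")
            if not sep or line.startswith("#"):
                continue                 # blank line or comment
            if rest.startswith(":"):     # "attr:: <base64>" carries a UTF-8 value
                rest = base64.b64decode(rest[1:]).decode("utf-8")
            pairs.append((attr.strip().lower(), rest.strip()))
        if pairs:
            entries.append(pairs)
    return entries

def check_entry(pairs, suffix="o=oki.co.jp"):
    """Return the problems found in one entry; an empty list means it passes."""
    rdns = lambda dn: [r.strip().lower() for r in dn.split(",")]  # naive: no escaped commas
    dn, base = rdns(dict(pairs).get("dn", "")), rdns("ou=people," + suffix)
    problems = [] if dn[-len(base):] == base else [f"dn is not under ou=people,{suffix}"]
    for attr in PAIRED:
        values = [v for a, v in pairs if a == attr]
        if len(values) != 2:
            problems.append(f"{attr}: expected 2 values, found {len(values)}")
        elif values[0].isascii() or not values[1].isascii():
            problems.append(f"{attr}: first value must be Japanese, second English")
    return problems

# Constructed sample: the first entry follows the guide, the second does not.
SAMPLE = """\
dn: uid=111222, ou=people, o=oki.co.jp
cn: 沖 太郎
cn: Taro Oki
sn:: 5rKW
sn: Oki
o: 沖電気工業株式会社
o: Oki Electric Industry Co., Ltd.
ou: 1部1課
ou: 1bu1ka

dn: uid=333444, ou=staff, o=oki.co.jp
cn: Hanako Oki
""".encode("utf-8")
```

Run check_entry over every entry returned by parse_ldif and load the file with ldapadd only when each list comes back empty.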

Last Modified: Wed Mar 31 21:14:06 JST 2004