You create user entries in the Directory Server user data instance for the following users:
testuser1
testuser2
These users are used to verify that the policy agent is configured and working properly. The Groups container is used for the same purpose. The user data is imported into only one Directory Server instance because it is replicated to the other instance.
If you are using an existing user data store, create the appropriate users in it and move on to 7.2 Creating and Configuring a Realm for Test Users.
Create an LDIF file with user entries that is imported into Directory Server 1.
As a root user, log in to the DirectoryServer–1 host machine.
Create an LDIF file with the following entries.
dn: ou=users,dc=company,dc=com
objectclass: top
objectclass: organizationalUnit
ou: users
description: Container for user entries

dn: ou=Groups,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups
description: Container for group entries

dn: uid=testuser1,ou=users,dc=company,dc=com
uid: testuser1
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetadmin
objectClass: inetorgperson
objectClass: inetUser
sn: User1
cn: Test User1
userPassword: password
inetUserStatus: Active

dn: uid=testuser2,ou=users,dc=company,dc=com
uid: testuser2
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: inetUser
sn: User2
cn: Test User2
userPassword: password
inetUserStatus: Active
Save the file as am-users.ldif in the /tmp directory.
Import the LDIF file into Directory Server 1 using ldapmodify.
# ldapmodify -h DirectoryServer-1.example.com -p 1489 \
  -D "cn=Directory Manager" -w d1rm4n4ger -a -f /tmp/am-users.ldif
adding new entry ou=users,dc=company,dc=com
adding new entry ou=Groups,dc=company,dc=com
adding new entry uid=testuser1,ou=users,dc=company,dc=com
adding new entry uid=testuser2,ou=users,dc=company,dc=com
Verify that the new users were imported using ldapsearch.
# ldapsearch -h DirectoryServer-1.example.com \
  -b "dc=company,dc=com" -p 1489 -D "cn=Directory Manager" \
  -w d1rm4n4ger "uid=test*"
version: 1
dn: uid=testuser1,ou=users,dc=company,dc=com
uid: testuser1
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetadmin
objectClass: inetorgperson
objectClass: inetUser
sn: User1
cn: Test User1
userPassword: {SSHA}H5LpB+QLZMoL9SiXzY/DokHKXRclELVy7w25AA==
inetUserStatus: Active

dn: uid=testuser2,ou=users,dc=company,dc=com
uid: testuser2
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: inetUser
sn: User2
cn: Test User2
userPassword: {SSHA}aLNFCQ1qw78KpJeloVZJAAa5QSAPf/9c2mxCQQ==
inetUserStatus: Active
Log out of the DirectoryServer–1 host machine.
(Optional) Verify that the entries were replicated to Directory Server 2 by logging in as a root user to the DirectoryServer–2 host machine and using ldapsearch.
# ldapsearch -h DirectoryServer-2.example.com \
  -b "dc=company,dc=com" -p 1489 -D "cn=Directory Manager" \
  -w d1rm4n4ger ""
version: 1
dn: dc=company,dc=com
objectClass: top
objectClass: domain
dc: company

dn: ou=users,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: users
description: Container for user entries

dn: ou=Groups,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
objectclass: iplanet-am-managed-group
ou: Groups
description: Container for group entries

dn: uid=testuser1,ou=users,dc=company,dc=com
uid: testuser1
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetadmin
objectClass: inetorgperson
objectClass: inetUser
sn: User1
cn: Test User1
inetUserStatus: Active
userPassword: {SSHA}H5LpB+QLZMoL9SiXzY/DokHKXRclELVy7w25AA==

dn: uid=testuser2,ou=users,dc=company,dc=com
uid: testuser2
givenName: Test
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: inetUser
sn: User2
cn: Test User2
inetUserStatus: Active
userPassword: {SSHA}aLNFCQ1qw78KpJeloVZJAAa5QSAPf/9c2mxCQQ==
Log out of the DirectoryServer–2 host machine.
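The replication check above can be scripted. The following is an added example, not part of the original guide: it compares saved ldapsearch output from the two servers for the test users, ignoring attribute order and attribute-name case (the two listings above return inetUserStatus and userPassword in different order, so a plain text diff would report a false mismatch), and confirms that userPassword is stored as a salted SHA hash rather than the cleartext value from the LDIF file. The function names and the sample data are assumptions made for this example.

```python
import base64

def parse_ldif(text):
    """Return {dn: {attr: set(values)}} from ldapsearch LDIF output."""
    entries, current = {}, None
    # A line starting with one space continues the previous line (LDIF folding).
    for line in text.replace("\r\n", "\n").replace("\n ", "").split("\n"):
        name, sep, value = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        if value.startswith(":"):  # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            current = entries.setdefault(value.lower(), {})
        elif current is not None:  # skips "version: 1" before the first dn
            current.setdefault(name, set()).add(value)
    return entries

def replication_diff(ds1_out, ds2_out, uids, base="ou=users,dc=company,dc=com"):
    """Compare the test users in two ldapsearch outputs; return a list of problems."""
    ds1, ds2, problems = parse_ldif(ds1_out), parse_ldif(ds2_out), []
    for uid in uids:
        dn = f"uid={uid},{base}".lower()
        missing = [n for n, d in (("DS1", ds1), ("DS2", ds2)) if dn not in d]
        if missing:
            problems.append(f"{dn}: missing on {', '.join(missing)}")
            continue
        for attr in sorted(set(ds1[dn]) | set(ds2[dn])):
            if ds1[dn].get(attr) != ds2[dn].get(attr):
                problems.append(f"{dn}: {attr} differs")
        for pw in ds2[dn].get("userpassword", ()):
            if not pw.upper().startswith("{SSHA"):
                problems.append(f"{dn}: userPassword is not a salted SHA hash")
    return problems

# Constructed samples (placeholder hashes); DS2 differs only in attribute order and name case.
DS1_SAMPLE = """version: 1
dn: uid=testuser1,ou=users,dc=company,dc=com
objectClass: inetUser
userPassword: {SSHA}CONSTRUCTED-PLACEHOLDER-1
inetUserStatus: Active
"""
DS2_SAMPLE = """version: 1
dn: uid=testuser1,ou=users,dc=company,dc=com
objectclass: inetUser
inetUserStatus: Active
userPassword: {SSHA}CONSTRUCTED-PLACEHOLDER-1
"""
```

To use it, redirect each ldapsearch command's output to a file and pass the two file contents to replication_diff with the list of test user IDs; an empty list means the entries match.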