Using Apache DS, Part 2

Now that we have the LDAP server running, we need to be able to CRUD the data within the LDAP server. ApacheDS does not have an integrated GUI but it does have a companion tool, Apache Directory Studio, which can connect to the server and edit its data.

  1. Download and install Studio. Start it. It’s Eclipse-based so Java developers should be familiar with its GUI.
  2. Go to LDAP | New Connection… and create a connection:
    • Hostname: localhost
    • Port: 10389
    • Bind DN: uid=admin,ou=system
    • Bind password: secret

    Leave everything else as default. Click OK.

  3. You should now see Studio display a tree-structure on the left. This is the content in your LDAP server.
    Apache Directory Studio
  4. Now you’ll want to import the data specific to your organization or product. First you need to create a parition which holds your data. In the screenshot above, “dc=example,dc=com” is a partition for Creating a partition is not as easy as it could be but basically involves cutting and pasting a block of XML and changing it in 3 spots to fit your needs.
  5. With our own partition we can import our data. You can use Studio to create the data but it’s a manual process. Instead you should create an LDIF file which contains your data. All you need to do is create a DS_HOME/ldif directory and place your LDIF files in this directory. ApacheDS will load the LDIF files upon startup. Do note that LDIF is not an easy format to work with. It’s another example where you will want to schedule some time to play with it in order to understand its quirks and foibles. Here’s a simple Fiveruns LDIF datafile which creates an organizational unit and a user within a “FiveRuns” partition.

That’s all for now. Next we’ll access this data from Ruby!

3 thoughts on “Using Apache DS, Part 2”

  1. It is true that LDIF files are a little cumbersome, but Apache Directory Studio also has a great ldif file editor built in. If you open an existing LDIF file or go to the “LDAP->New LDIF File” you will get a great ldif editor complete with code completion for ldif elements, objectclasses, etc. and an outline view of your entire LDIF on the right side of the window.

  2. Hi Mike,
    I was unable to find out the gid attribute for a group in ApacheDS (however the uid for a user is available by default) . How does a user gets mapped to a group, does it use the gid ? or any other way. Shouldn’t this attribute be mandatory ?

  3. Mike
    This is reall a very helpful article.I have been trying to find documentation on how to add partition to Apache DS because all articles talk about server.xml which has been replaced by config.ltif.Pease help!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>