
8.3. Add User Entries to the Directory Server


Overview

The basic prerequisite for using LDAP authentication with the OSGi container is to have an X.500 directory server running and configured with a collection of user entries. For many use cases, you will also want to configure a number of groups to manage user roles.

Goals

In this portion of the tutorial you will

Adding user entries

Perform the following steps to add user entries to the directory server:
  1. Ensure that the LDAP server and browser are running.
  2. In the LDAP Browser view, drill down to the ou=users node.
  3. Select the ou=users node.
  4. Open the context menu.
  5. Select New → New Entry to open the Entry Creation Method pane.
  6. Check Create entry from scratch.
  7. Click Next to open the Object Classes pane.
  8. Select inetOrgPerson from the list of Available object classes.
  9. Click Add to populate the list of Selected object classes.
  10. Click Next to open the Distinguished Name pane.
  11. In the RDN field, enter uid in front and jdoe after the equals sign.
  12. Click Next to open the Attributes pane.
  13. Fill in the remaining mandatory attributes in the Attributes pane.
    1. Set the cn (common name) attribute to John Doe.
    2. Set the sn (surname) attribute to Doe.
  14. Add a userPassword attribute to the user entry.
    1. Open the context menu in the Attributes pane.
    2. Select New Attribute to open the New Attribute wizard.
    3. From the Attribute type drop-down list, select userPassword.
    4. Click Finish.
      The Password Editor dialog opens.
    5. In the Enter New Password field, enter the password, secret.
    6. Click OK.
      The userPassword attribute appears in the Attributes editor.
  15. Click Finish.
  16. Add a user Jane Doe by following Step 3 to Step 15.
    In Step 11, use janedoe for the new user's uid.
  17. Add a user Camel Rider by following Step 3 to Step 15.
    In Step 11, use crider for the new user's uid.

Adding groups for the roles

To add the groups that define the roles:
  1. Create a new organizational unit to contain the role groups.
    1. In the LDAP Browser view, select the ou=system node.
    2. Open the context menu.
    3. Select New → New Entry to open the Entry Creation Method pane.
    4. Check Create entry from scratch.
    5. Click Next to open the Object Classes pane.
    6. Select organizationalUnit from the list of Available object classes.
    7. Click Add to populate the list of Selected object classes.
    8. Click Next to open the Distinguished Name pane.
    9. In the RDN field, enter ou in front and roles after the equals sign.
    10. Click Next to open the Attributes pane.
    11. Click Finish.
    Note
    This step is required because Apache DS allows only administrators access to entries in ou=system,ou=groups.
  2. In the LDAP Browser view, drill down to the ou=roles node.
  3. Select the ou=roles node.
  4. Open the context menu.
  5. Select New → New Entry to open the Entry Creation Method pane.
  6. Check Create entry from scratch.
  7. Click Next to open the Object Classes pane.
  8. Select groupOfNames from the list of Available object classes.
  9. Click Add to populate the list of Selected object classes.
  10. Click Next to open the Distinguished Name pane.
  11. In the RDN field, enter cn in front and admin after the equals sign.
  12. Click Next to open the Attributes pane.
    The message 'Attribute "member" has an empty value, please insert a valid value.' displays, and a DN Editor opens for you to enter a value.
  13. Enter uid=jdoe.
  14. Click OK.
  15. Click Finish.
  16. Add an sshConsole role by following Step 3 to Step 15.
    In Step 11, use sshConsole for the new group's cn.
    In Step 13, use uid=janedoe.
  17. Add a webconsole role by following Step 3 to Step 15.
    In Step 11, use webconsole for the new group's cn.
    In Step 13, use uid=janedoe.
  18. Add a jmxUser role by following Step 3 to Step 15.
    In Step 11, use jmxUser for the new group's cn.
    In Step 13, use uid=crider.
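
The two procedures above, expressed as an LDIF generator. This is an added example, not part of the original tutorial: it emits the three user entries, the ou=roles unit and the four role groups, stores each userPassword as a salted SHA-1 ({SSHA}) value instead of cleartext, and refuses to build if a role names a user that has no entry. Assumptions: ou=users sits under ou=system, the cn and sn values for janedoe and crider are inferred from the user names, and the function names are hypothetical.

```python
import base64, hashlib, hmac, os

USERS_BASE = "ou=users,ou=system"  # assumption: ou=users sits under ou=system
ROLES_BASE = "ou=roles,ou=system"  # the ou=roles unit created under ou=system
# (uid, cn, sn); cn/sn for janedoe and crider are inferred from the user names
USERS = [("jdoe", "John Doe", "Doe"), ("janedoe", "Jane Doe", "Doe"),
         ("crider", "Camel Rider", "Rider")]
ROLES = {"admin": "jdoe", "sshConsole": "janedoe",
         "webconsole": "janedoe", "jmxUser": "crider"}

def ssha(password, salt=None):
    """Salted SHA-1 userPassword value: {SSHA}base64(sha1(pw + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(stored, password):
    """Recompute the hash with the salt embedded in a stored {SSHA} value."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    return hmac.compare_digest(ssha(password, raw[20:]), stored)  # digest = 20 bytes

def dangling_members():
    """Roles whose member uid has no matching user entry."""
    uids = {uid for uid, _, _ in USERS}
    return sorted(role for role, uid in ROLES.items() if uid not in uids)

def build_ldif(passwords):
    """Return LDIF text for the users, the ou=roles unit and the role groups."""
    if dangling_members():
        raise ValueError(f"roles reference unknown users: {dangling_members()}")
    entries = []
    for uid, cn, sn in USERS:
        entries.append([f"dn: uid={uid},{USERS_BASE}", "objectClass: inetOrgPerson",
                        "objectClass: organizationalPerson", "objectClass: person",
                        "objectClass: top", f"uid: {uid}", f"cn: {cn}", f"sn: {sn}",
                        f"userPassword: {ssha(passwords[uid])}"])
    entries.append([f"dn: {ROLES_BASE}", "objectClass: organizationalUnit",
                    "objectClass: top", "ou: roles"])
    for role, uid in ROLES.items():  # member keeps the short form entered in Step 13
        entries.append([f"dn: cn={role},{ROLES_BASE}", "objectClass: groupOfNames",
                        "objectClass: top", f"cn: {role}", f"member: uid={uid}"])
    return "\n\n".join("\n".join(e) for e in entries) + "\n"

if __name__ == "__main__":
    # "secret" is the sample password the tutorial sets for each user
    print(build_ldif({"jdoe": "secret", "janedoe": "secret", "crider": "secret"}))
```

The output can be loaded through the LDAP browser's LDIF import instead of clicking through the wizard for each entry.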
© 2025 Red Hat