8.3. Add User Entries to the Directory Server


Overview

The basic prerequisite for using LDAP authentication with the OSGi container is to have an X.500 directory server running and configured with a collection of user entries. For many use cases, you will also want to configure a number of groups to manage user roles.

Goals

In this portion of the tutorial you will

Adding user entries

Perform the following steps to add user entries to the directory server:
  1. Ensure that the LDAP server and browser are running.
  2. In the LDAP Browser view, drill down to the ou=users node.
  3. Select the ou=users node.
  4. Open the context menu.
  5. Select New → New Entry.
    The New Entry wizard appears.
  6. In the Entry Creation Method pane, check Create entry from scratch.
  7. Click Next.
    The Object Classes pane opens.
  8. In the Object Classes pane, select inetOrgPerson from the list of Available object classes on the left.
  9. Click Add to populate the list of Selected object classes.

    Figure 8.3. New Entry Wizard

  10. Click Next.
    The Distinguished Name pane opens.
  11. In the RDN field, enter uid in front of the equals sign and jdoe after it.

    Figure 8.4. Distinguished Name Step of New Entry Wizard

  12. Click Next.
    The Attributes pane opens.
  13. Fill in the remaining mandatory attributes in the Attributes pane.
    1. Set the cn (common name) attribute to John Doe.
    2. Set the sn (surname) attribute to Doe.

    Figure 8.5. Attributes Step of New Entry Wizard

  14. Add a userPassword attribute to the user entry.
    1. Open the context menu in the Attributes pane.
    2. Select New Attribute.
      The New Attribute wizard appears.
    3. From the Attribute type drop-down list, select userPassword.
    4. Click Finish.
      The Password Editor dialog appears.
    5. In the Enter New Password field, enter the password, secret.
    6. Click OK.
      The userPassword attribute will appear in the attributes editor.
  15. Click Finish.
  16. Add a user Jane Doe by following Step 3 to Step 15.
    In Step 11, use janedoe for the new user's uid.
  17. Add a user Camel Rider by following Step 3 to Step 15.
    In Step 11, use crider for the new user's uid.

Adding groups for the roles

To add the groups that define the roles:
  1. Create a new organizational unit to contain the role groups.
    1. In the LDAP Browser view, select the ou=system node.
    2. Open the context menu.
    3. Select New → New Entry.
      The New Entry wizard appears.
    4. In the Entry Creation Method pane, check Create entry from scratch.
    5. Click Next.
      The Object Classes pane opens.
    6. Select organizationalUnit from the list of Available object classes on the left.
    7. Click Add to populate the list of Selected object classes.
    8. Click Next.
      The Distinguished Name pane opens.
    9. In the RDN field, enter ou in front of the equals sign and roles after it.
    10. Click Next.
      The Attributes pane opens.
    11. Click Finish.
    Note
    This step is required because Apache DS only allows administrators access to entries in ou=system,ou=groups.
  2. In the LDAP Browser view, drill down to the ou=roles node.
  3. Select the ou=roles node.
  4. Open the context menu.
  5. Select New → New Entry.
    The New Entry wizard appears.
  6. In the Entry Creation Method pane, check Create entry from scratch.
  7. Click Next.
    The Object Classes pane opens.
  8. Select groupOfNames from the list of Available object classes on the left.
  9. Click Add to populate the list of Selected object classes.
  10. Click Next.
    The Distinguished Name pane opens.
  11. In the RDN field, enter cn in front of the equals sign and admin after it.
  12. Click Next.
    The Attributes pane opens and you are presented with a DN editor.
  13. Enter uid=jdoe.
  14. Click OK.
  15. Click Finish.
  16. Add an sshConsole role by following Step 3 to Step 15.
    In Step 11, use sshConsole for the new group's cn.
    In Step 13, use uid=janedoe.
  17. Add a webconsole role by following Step 3 to Step 15.
    In Step 11, use webconsole for the new group's cn.
    In Step 13, use uid=janedoe.
  18. Add a jmxUser role by following Step 3 to Step 15.
    In Step 11, use jmxUser for the new group's cn.
    In Step 13, use uid=crider.
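
The two procedures above can also be expressed as an LDIF file, which makes the role-to-user mapping reviewable and repeatable. The following script is an added example, not part of the original Red Hat documentation: it checks that every role group has at least one member and that every member refers to a defined user, then renders the entries. The parent DN of ou=users, the sn value for crider, and the function names are assumptions; passwords are not included and are still set as in Step 14.

```python
# Added example (not Red Hat's code): build an LDIF file holding the same
# entries the wizard steps create, after validating the role membership.
# Handles plain ASCII values only (no base64 encoding or line folding).
USERS_BASE = "ou=users,ou=system"   # assumption: ou=users sits under ou=system
ROLES_BASE = "ou=roles,ou=system"   # ou=roles is created under ou=system above

# (uid, cn, sn); the sn for crider is an assumption, the page gives only the uid
USERS = [("jdoe", "John Doe", "Doe"),
         ("janedoe", "Jane Doe", "Doe"),
         ("crider", "Camel Rider", "Rider")]
# role group cn -> member uids, as entered in the DN editor steps
ROLES = {"admin": ["jdoe"], "sshConsole": ["janedoe"],
         "webconsole": ["janedoe"], "jmxUser": ["crider"]}


def object_classes(*names):
    """objectClass lines, listing the superclasses the wizard adds implicitly."""
    return [f"objectClass: {n}" for n in ("top",) + names]


def check_roles(users, roles):
    """Return a list of problems: empty groups and members with no user entry."""
    known = {uid for uid, _, _ in users}
    problems = []
    for role, members in roles.items():
        if not members:  # groupOfNames requires at least one member value
            problems.append(f"{role}: no members")
        problems += [f"{role}: unknown uid {m}" for m in members if m not in known]
    return problems


def build_ldif(users=USERS, roles=ROLES):
    """Render the role OU, user entries and role groups as LDIF text."""
    problems = check_roles(users, roles)
    if problems:
        raise ValueError("; ".join(problems))
    records = [[f"dn: {ROLES_BASE}"] + object_classes("organizationalUnit") + ["ou: roles"]]
    for uid, cn, sn in users:
        records.append([f"dn: uid={uid},{USERS_BASE}"]
                       + object_classes("person", "organizationalPerson", "inetOrgPerson")
                       + [f"uid: {uid}", f"cn: {cn}", f"sn: {sn}"])
    for role, members in roles.items():
        records.append([f"dn: cn={role},{ROLES_BASE}"] + object_classes("groupOfNames")
                       + [f"cn: {role}"] + [f"member: uid={m}" for m in members])
    return "\n\n".join("\n".join(r) for r in records) + "\n"


if __name__ == "__main__":
    print(build_ldif())
```

The member values are written as uid=jdoe, uid=janedoe and uid=crider, matching what Step 13 enters in the DN editor.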