LDAP

The LDAP connector can be used with any directory which supports the LDAP/LDAPS protocol such as OpenLDAP, Active Directory or eDirectory.

Installing the connector

The steps below describe how to install and start the connector. Depending on whether you are using Kubernetes, Swarm or RPM, the instructions will vary. All three are described below.

RPM File

First, make a copy of the default startup script found in /usr/local/OpenIAM/connectors:

su openiam
cp startup.sh startldapconnector.sh

You will also need to create a directory for cacerts if you plan to enable SSL communication to LDAP. You can do this with the following:

mkdir /usr/local/OpenIAM/connectors/ldap-connector-rabbitmq/certs

Next, edit the new .sh file so that the line starting with java includes the following argument:

-Djavax.net.ssl.keyStorePassword=changeit

The resulting startldapconnector.sh file should be as shown below:

#!/bin/bash
# $1 is the connector name, e.g. ldap-connector-rabbitmq
java -Dconfpath=/data/openiam -Dlogging.level.root=WARN \
  -Djavax.net.ssl.keyStorePassword=changeit \
  -Djavax.net.ssl.trustStore=/data/openiam/conf/ldap-connector-rabbitmq/certs/cacerts \
  -Dorg.openiam.connector.queue=$(cat /usr/local/OpenIAM/connectors/$1/properties)_Request \
  -Dorg.openiam.connector.queueResponseName=$(cat /usr/local/OpenIAM/connectors/$1/properties)_Response \
  -jar /usr/local/OpenIAM/connectors/$1/$1.jar >> /usr/local/OpenIAM/logs/$1.out &

To start the connector, use the following command:

./startldapconnector.sh ldap-connector-rabbitmq

To check the connector status:

./status.sh ldap-connector-rabbitmq

You should see the following output if the connector is running:

[OK] - ldap-connector-rabbitmq - Service working. Application status: [ UP ]
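
A pre-flight check that can be run on the start script before starting the connector, added here as an example and not part of OpenIAM. It reports a keyStorePassword argument with a doubled '=', a trustStore path that does not point to a readable file, and a start script that other users can read. The function name check_start_script is hypothetical.

```bash
#!/bin/bash
# Added example (not OpenIAM code): pre-flight check for a connector start script.
# Prints one finding per line; returns 0 if the script passes, 1 otherwise.
check_start_script() {
    script=$1
    findings=0
    if [ ! -r "$script" ]; then
        echo "cannot read $script"
        return 1
    fi

    # Values of the two JSSE arguments, taken up to the next whitespace.
    truststore=$(grep -o -e '-Djavax\.net\.ssl\.trustStore=[^[:space:]]*' "$script" |
        head -n 1 | cut -d= -f2-)
    password=$(grep -o -e '-Djavax\.net\.ssl\.keyStorePassword=[^[:space:]]*' "$script" |
        head -n 1 | cut -d= -f2-)

    # A doubled '=' makes the JVM see a password that starts with '='.
    case $password in
        =*) echo "keyStorePassword value starts with '=' (doubled '='?)"; findings=1 ;;
    esac

    # The truststore must exist before the JVM can validate the LDAPS certificate.
    if [ -n "$truststore" ] && [ ! -r "$truststore" ]; then
        echo "trustStore not readable: $truststore"
        findings=1
    fi

    # The script carries a password, so other users should not be able to read it.
    if [ -n "$password" ] && [ -n "$(find "$script" -prune -perm -004)" ]; then
        echo "start script is world-readable: $script"
        findings=1
    fi
    return $findings
}

# Example call: check_start_script /usr/local/OpenIAM/connectors/startldapconnector.sh
```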