Hi, I was wondering if someone could help me in putting in the correct values for ContextEntry of a custom partition in server.xml.
I've recently inherited a very creaky, legacy app that used openldap. Unfortunately the hardware at my disposal is only Windows and the openldap win32 version we tried to use has a max of 64 concurrent connections -- hence my trials w/ apacheds (also have a side project to try to compile w/ cygwin). I'm fairly new to LDAP and after a couple of days, I'm at a bit of a loss.

So here's what I've done + other facts:

1. I'm using Apacheds 1.0.2, only b/c the documentation is much better.
2. There is a custom schema, and I've managed to generate code for a custom schema, package the jar and drop it into the apacheds/lib/ext folder. I've also enabled the schema in server.xml.
3. A point to note: the schema isn't VALID in that I have to disable schema checking.
4. I can start apacheds after all this w/ no problems or stacktraces. I've changed log4j.properties to log on INFO.
5. My problem is that I can't load an .ldif that is a dump of openldap. I am guessing that my ContextEntry is wrong... I've been tweaking forever to try to match my root element, but I'd appreciate any help.

I've attached:

- server.xml (note that the new partition is called "localPartitionConfiguration")
- ldif

Any help would be very much appreciated!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
  <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
    <property name="properties">
      <props>
        <prop key="java.naming.security.authentication">simple</prop>
        <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
        <prop key="java.naming.security.credentials">secret</prop>
        <!--<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
        <!--<prop key="kdc.java.naming.security.credentials">secret</prop>-->
        <!--<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
        <!--<prop key="changepw.java.naming.security.credentials">secret</prop>-->
        <!-- Set this key to a space delimited set of attributeType descriptions
             and their OID's if you want an attributeType to be handled as
             binary content. The server will use the schema to derive the set
             of attributeTypes to treat as binary. The union if the values you
             provide here will be taken as the set of binaries. Note to be
             consistent you must add both the OID and all the names an
             attributeType can have. -->
        <!-- <prop key="java.naming.ldap.attributes.binary"></prop> -->
      </props>
    </property>
  </bean>

  <bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
    <property name="workingDirectory" value="example.com"/>
    <!-- Uncomment below to have the server load entries on startup! -->
    <!-- ldifDirectory property can point to a relative file, directory or -->
    <!-- can point to an absolute path to either using the URL path -->
    <!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
    <!-- Entries will optionally be filtered using LdifLoadFilters in the -->
    <!-- order specified. The included Krb5KdcEntryFilter will filter -->
    <!-- kerberos principals creating keys for them using their -->
    <!-- userPassword attribute if present. -->
    <!--<property name="ldifDirectory">
      <value>example.ldif</value>
    </property>
    <property name="ldifFilters">
      <list>
        <bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
      </list>
    </property>-->
    <!-- the number of milliseconds before issuing a synch (flush to disk) -->
    <!-- which writes out dirty pages back to disk. To turn off synchs all -->
    <!-- together simply set this value to <= 0. Make sure you turn on -->
    <!-- synchOnWrite for all partitions if you do choose to do this or else-->
    <!-- writes may never persist to disk. -->
    <property name="synchPeriodMillis" value="15000"/>
    <!-- limits searches by non-admin users to a max time of 15000 -->
    <!-- milliseconds and has a default value of 10000 -->
    <property name="maxTimeLimit" value="15000"/>
    <!-- limits searches to max size of 1000 entries: default value is 100 -->
    <property name="maxSizeLimit" value="1000"/>
    <!-- maximum number of threads used by mina is set to 8: default is 4 -->
    <property name="maxThreads" value="8"/>
    <property name="allowAnonymousAccess" value="false"/>
    <property name="accessControlEnabled" value="false"/>
    <property name="enableNtp" value="false"/>
    <property name="enableKerberos" value="false"/>
    <property name="enableChangePassword" value="false"/>
    <!-- It's more efficient to keep this feature turned off but you may not
         like having the creatorsName and modifiersName contain OIDs instead
         of short attributeType names instead. So if you want the creatorsName
         to change from the normalized form which is the internal
         representation of '0.9.2342.19200300.100.1.1=admin,2.5.4.11=system'
         to a more human readabile form like: 'uid=admin,ou=system' then set
         this property to true. -->
    <property name="denormalizeOpAttrsEnabled" value="false"/>
    <property name="ldapPort" value="10389"/>
    <property name="systemPartitionConfiguration" ref="systemPartitionConfiguration"/>
    <property name="contextPartitionConfigurations">
      <set>
        <ref bean="examplePartitionConfiguration"/>
        <ref bean="sevenSeasPartitionConfiguration"/>
        <ref bean="localPartitionConfiguration"/>
      </set>
    </property>
    <property name="bootstrapSchemas">
      <set>
        <bean class="org.apache.directory.server.core.schema.bootstrap.AutofsSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.CorbaSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.CoreSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.CosineSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.ApacheSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.CollectiveSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.InetorgpersonSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.JavaSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.Krb5kdcSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.LocalSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.NisSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.SystemSchema"/>
        <bean class="org.apache.directory.server.core.schema.bootstrap.ApachednsSchema"/>
      </set>
    </property>
    <property name="extendedOperationHandlers">
      <list>
        <bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
        <bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
      </list>
    </property>
    <property name="interceptorConfigurations">
      <list>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="normalizationService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.normalization.NormalizationService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="authenticationService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.authn.AuthenticationService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="referralService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.referral.ReferralService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="authorizationService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.authz.AuthorizationService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="defaultAuthorizationService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="exceptionService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.exception.ExceptionService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="schemaService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.schema.SchemaService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="subentryService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.subtree.SubentryService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="operationalAttributeService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.operational.OperationalAttributeService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="collectiveAttributeService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.collective.CollectiveAttributeService"/>
          </property>
        </bean>
        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
          <property name="name" value="eventService"/>
          <property name="interceptor">
            <bean class="org.apache.directory.server.core.event.EventService"/>
          </property>
        </bean>
      </list>
    </property>
  </bean>

  <!-- use the following partitionConfiguration to override defaults for -->
  <!-- the system partition -->
  <bean id="systemPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
    <property name="name" value="system"/>
    <property name="cacheSize" value="100"/>
    <property name="suffix" value="ou=system"/>
    <!-- the optimizer is enabled by default but may not always be what -->
    <!-- you want if your queries are really simple -->
    <property name="optimizerEnabled" value="true"/>
    <!-- Synchronization on writes does not wait for synch operations to
         flush dirty pages. Writes persist immediately to disk at a cost to
         performance with increased data integrity. Otherwise the periodic
         synch operation will flush dirty pages using the synchPeriodMillis
         parameter in the main configuration. -->
    <property name="synchOnWrite" value="true"/>
    <property name="indexedAttributes">
      <set>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="ou"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="uid"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="objectClass"/>
          <property name="cacheSize" value="100"/>
        </bean>
      </set>
    </property>
    <property name="contextEntry">
      <value>
        objectClass: top
        objectClass: organizationalUnit
        objectClass: extensibleObject
        ou: system
      </value>
    </property>
  </bean>

  <bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
    <property name="name" value="example"/>
    <property name="cacheSize" value="100"/>
    <property name="suffix" value="dc=example,dc=com"/>
    <!-- the optimizer is enabled by default but may not always be what -->
    <!-- you want if your queries are really simple -->
    <property name="optimizerEnabled" value="true"/>
    <!-- Synchronization on writes does not wait for synch operations to
         flush dirty pages. Writes persist immediately to disk at a cost to
         performance with increased data integrity. Otherwise the periodic
         synch operation will flush dirty pages using the synchPeriodMillis
         parameter in the main configuration. -->
    <property name="synchOnWrite" value="true"/>
    <property name="indexedAttributes">
      <set>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="dc"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="ou"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="krb5PrincipalName"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="uid"/>
          <property name="cacheSize" value="100"/>
        </bean>
        <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
          <property name="attributeId" value="objectClass"/>
          <property name="cacheSize" value="100"/>
        </bean>
      </set>
    </property>
    <property name="contextEntry">
      <value>
        objectClass: top
        objectClass: domain
        objectClass: extensibleObject
        dc: example
      </value>
    </property>
  </bean>

  <bean id="sevenSeasPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
    <property name="name" value="The seven seas"/>
    <property name="cacheSize" value="100"/>
    <property name="suffix" value="o=sevenSeas"/>
    <property name="optimizerEnabled" value="true"/>
    <property name="synchOnWrite" value="true"/>
    <property name="contextEntry">
      <value>
        objectClass: top
        objectClass: organization
        objectClass: extensibleObject
        o: sevenSeas
      </value>
    </property>
  </bean>

  <bean id="localPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
    <property name="name" value="local"/>
    <property name="cacheSize" value="100"/>
    <property name="suffix" value="dc=localnet"/>
    <property name="optimizerEnabled" value="true"/>
    <property name="synchOnWrite" value="true"/>
    <property name="contextEntry">
      <value>
        objectClass: top
        objectClass: organization
        objectClass: extensibleObject
        objectClass: javaContainer
        objectClass: organizationalRole
        dc: localnet
      </value>
    </property>
  </bean>

  <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
    <property name="customEditors">
      <map>
        <entry key="javax.naming.directory.Attributes">
          <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
        </entry>
      </map>
    </property>
  </bean>
</beans>
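
A pre-import consistency check for the situation described above, as an added example that is not part of the original post or of ApacheDS: it reports partitions whose contextEntry lacks the first RDN of their suffix, and LDIF entries whose DN falls under no configured suffix. The rule that the context entry carries the suffix's first RDN is an assumption read off the stock partitions in the attached file; the sample config, the LDIF and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the server.xml above (not the poster's file).
SERVER_XML = """<beans>
 <bean id="localPartitionConfiguration">
  <property name="suffix" value="dc=localnet"/>
  <property name="contextEntry"><value>
   objectClass: top
   objectClass: domain
   dc: localnet
  </value></property>
 </bean>
 <bean id="brokenPartitionConfiguration">
  <property name="suffix" value="o=sevenSeas"/>
  <property name="contextEntry"><value>
   objectClass: top
   ou: sevenSeas
  </value></property>
 </bean>
</beans>"""
# Constructed LDIF; the second entry lies outside every configured suffix.
LDIF = "dn: ou=people,dc=localnet\nou: people\n\ndn: cn=admin,dc=oldnet\ncn: admin\n"

def norm_dn(dn):
    """Split a DN into lower-cased (attr, value) RDNs; escaped commas unsupported."""
    return [tuple(s.strip().lower() for s in rdn.partition("=")[::2])
            for rdn in dn.split(",")]

def partitions(xml_text):
    """Map bean id -> (suffix, contextEntry attribute pairs) for partition beans."""
    out = {}
    for bean in ET.fromstring(xml_text).iter("bean"):
        props = {p.get("name"): p for p in bean.findall("property")}
        if "suffix" in props and "contextEntry" in props:
            text = props["contextEntry"].findtext("value", "")
            pairs = [tuple(s.strip().lower() for s in ln.split(":", 1))
                     for ln in text.splitlines() if ":" in ln]
            out[bean.get("id")] = (props["suffix"].get("value"), pairs)
    return out

def context_entry_mismatches(parts):
    """Partition ids whose context entry lacks the suffix's first RDN."""
    return [pid for pid, (suffix, pairs) in parts.items()
            if norm_dn(suffix)[0] not in pairs]

def orphan_dns(ldif_text, parts):
    """LDIF DNs (plain 'dn:' lines only) not at or below any partition suffix."""
    suffixes = [norm_dn(s) for s, _ in parts.values()]
    dns = [ln[3:].strip() for ln in ldif_text.splitlines() if ln.lower().startswith("dn:")]
    return [dn for dn in dns
            if not any(norm_dn(dn)[-len(s):] == s for s in suffixes)]

if __name__ == "__main__":
    parts = partitions(SERVER_XML)
    print(context_entry_mismatches(parts), orphan_dns(LDIF, parts))
```

Folded or base64-encoded (`dn::`) LDIF lines are not handled; unfold and decode the dump before running a check like this over it.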