Company dedicated to web development, graphic design, photography and web hosting.

Blog

How to install RainLoop webmail
27th of April 2016

How to configure code coverage with Selenium in Phpunit
24th of February 2014

How to install roundcube
9th of December 2013

How to jail / chroot users in FTP / SFTP
12th of June 2013

How to install a web server
23rd of April 2012

How to install svn server
15th of August 2011

How to create color schemes in Liferay
1st of June 2011

How to integrate JasperServer into Liferay
10th of March 2011

Good practices in applications development in Liferay and Alfresco
21st of February 2011

How to configure Alfresco with LDAP for authentication
9th of February 2011

How to merge two ldap servers with Penrose ldap virtual server
8th of February 2011

How to integrate KonaKart into Liferay
24th of January 2011

How to configure Liferay with Penrose LDAP and CAS
17th of January 2011

How to install Liferay
16th of January 2011

How to merge two ldap servers with Penrose ldap virtual server
Published Tuesday, 8th of February 2011

Overview Steps to merge and consolidate info from two different ldap servers in one tree using Penrose ldap virtual server. Alias table

Variable	Example	Description
${LDAP_SERVER}	localhost	Host where main ldap server is running
${LDAP_SERVER_PORT}	10389	Port where main ldap server is running
${LDAP_1_HOST}	ldap1	Host where ldap server is running
${LDAP_1_PORT}	10389	Port where ldap server is running
${LDAP_1_USR}	cn=Manager,dc=ochounos, dc=com	User manager
${LDAP_1_PWD}	secret	Password for the ldap server
${LDAP_2_HOST}	ldap2	Host where ldap server is running
${LDAP_2_PORT}	10389	Port where ldap server is running
${LDAP_2_USR}	cn=Manager,dc=ochounos, dc=com	User manager
${LDAP_2_PWD}	secret	Password for the ldap server

Steps to follow Penrose Server Installation

Download and install the LDAP server supporting virtual directory server in ${LDAP_SERVER} from the next url:
http://builds.safehaus.org/penrose/latest/vd-server-2.0.tar.gz
Run /opt/vd-server-2.0/bin/vd-config.sh after you installed the server.
Run the server in the port ${LDAP_SERVER_PORT}

Create connections

Modify the file ${LDAP_SERVER}/conf/connections.xml to add the connections.
12345678910111213141516171819202122232425262728293031
<connection name="ldap_conn1">
    <adapter-name>LDAP</adapter-name>
    <parameter>
        <param-name>java.naming.provider.url</param-name>
        <param-value>ldap://${LDAP_1_HOST}:${LDAP_1_PORT}/</param-value>
    </parameter>
    <parameter>
        <param-name>java.naming.security.principal</param-name>
        <param-value>${LDAP_1_USR}</param-value>
    </parameter>
    <parameter>
        <param-name>java.naming.security.credentials</param-name>
        <param-value>${LDAP_1_PWD}</param-value>
    </parameter>
</connection>
<connection name="ldap_conn2">
    <adapter-name>LDAP</adapter-name>
    <parameter>
        <param-name>java.naming.provider.url</param-name>
        <param-value>ldap://${LDAP_2_HOST}:${LDAP_2_PORT}/</param-value>
    </parameter>
    <parameter>
        <param-name>java.naming.security.principal</param-name>
        <param-value>${LDAP_2_USR}</param-value>
    </parameter>
    <parameter>
        <param-name>java.naming.security.credentials</param-name>
        <param-value>${LDAP_2_PWD}</param-value>
    </parameter>
</connection>

Create sources

Modify the file ${LDAP_SERVER}/conf/sources.xml to add the sources from ldap servers.
1234567891011121314151617181920212223
<source name="ldap_src1">
    <connection-name>ldap_conn1</connection-name>
        <field name="uid" primaryKey="true"/>
        <field name="cn"/>
        <field name="sn"/>
        <field name="userPassword"/>
    <parameter>
        <param-name>baseDn</param-name>
        <param-value>ou=Users,dc=ldap-server1,dc=ochounos,dc=com</param-value>
    </parameter>
</source>
<source name="ldap_src2">
    <connection-name>ldap_conn2</connection-name>
        <field name="uid" primaryKey="true"/>
        <field name="cn"/>
        <field name="sn"/>
        <field name="userPassword"/>
    <parameter>
        <param-name>baseDn</param-name>
        <param-value>ou=Users,dc=ldap-server2,dc=ochounos,dc=com</param-value>
    </parameter>
</source>
Add also a source combining the both sources defining in the step behind.
1234567891011
<source name="mergedSource">
    <source-class>org.safehaus.penrose.source.MergeSource</source-class>
    <parameter>
        <param-name>sources</param-name>
        <param-value>ldap_src1,ldap_src2</param-value>
    </parameter>
    <parameter>
        <param-name>attributes</param-name>
        <param-value>uniqueMember</param-value>
    </parameter>
</source>

Create directory entry

Modify the file ${LDAP_SERVER}/conf/directory.xml to add the dinamic entry.
123456789101112131415161718192021
<entry dn="uid=...,ou=Users,dc=ldap-merged,dc=ochounos,dc=com">
    <entry-class>org.safehaus.penrose.directory.DynamicEntry</entry-class>
        <oc>person</oc>
        <oc>top</oc>
        <oc>uidObject</oc>
        <at name="uid" rdn="true">
            <variable>src.uid</variable>
        </at>
        <at name="sn">
            <variable>src.sn</variable>
        </at>
        <at name="cn">
            <variable>src.cn</variable>
        </at>
        <at name="userPassword">
            <variable>src.userPassword</variable>
        </at>
    <source alias="src">
        <source-name>mergedSource</source-name>
    </source>
</entry>
Add the fields that you need and consolidate fields from different ldap servers to ensure that the merged tree have the correct fields.

Optional sources

You can use as many ldap sources as you want, also a source can come from a database (mysql, oracle, informix, ...) or any combination between them.

References http://penrose.redhat.com/display/PENROSE/Home

Back to the list of entries