...
- Edit pentaho-spring-beans.xml
Change the Spring XML files to use the LDAP DAOs instead of the Hibernate ones. Open `pentaho-solutions/system/pentaho-spring-beans.xml` and look for the following section:

```xml
<beans>
  <!-- some lines omitted -->
  <import resource="applicationContext-spring-security.xml" />
  <import resource="applicationContext-common-authorization.xml" />
  <import resource="applicationContext-spring-security-ldap.xml" />
  <import resource="applicationContext-pentaho-security-ldap.xml" />
</beans>
```
- Start the directory
In Windows, just start the `Apacheds` service in the Services dialog. In Linux, the command might be as simple as `service apacheds start`.
- Import the LDIF
The sample Spring XML files `applicationContext-spring-security-ldap.xml` and `applicationContext-pentaho-security-ldap.xml` assume the records below. If you already have an existing directory, or you wish to alter the sample LDIF files, you'll need to adjust the LDAP queries in the aforementioned Spring XML files. To make use of the sample LDIF file, use an LDAP browser, such as Apache Directory Studio or JXplorer, to import it. Note: You may or may not have success importing the LDIF file below. If you run into errors, manually create the records.

Sample LDIF:

```ldif
version: 1

dn: uid=joe,ou=users,ou=system
mail: joe.pentaho@pentaho.org
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
uid: joe
cn: joe
businesscategory: cn=ceo,ou=roles,ou=system
businesscategory: cn=Admin,ou=roles,ou=system
userpassword:: cGFzc3dvcmQ=
sn: Pentaho

dn: uid=suzy,ou=users,ou=system
mail: suzy.pentaho@pentaho.org
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
uid: suzy
cn: suzy
userpassword:: cGFzc3dvcmQ=
businesscategory: cn=cto,ou=roles,ou=system
businesscategory: cn=is,ou=roles,ou=system
sn: Pentaho

dn: uid=tiffany,ou=users,ou=system
mail: tiffany.pentaho@pentaho.org
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
uid: tiffany
cn: tiffany
businesscategory: cn=devmgr,ou=roles,ou=system
businesscategory: cn=dev,ou=roles,ou=system
userpassword:: cGFzc3dvcmQ=
sn: Pentaho

dn: uid=pat,ou=users,ou=system
mail: pat.pentaho@pentaho.org
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
uid: pat
cn: pat
businesscategory: cn=dev,ou=roles,ou=system
userpassword:: cGFzc3dvcmQ=
sn: Pentaho

dn: cn=Sales,ou=groups,ou=system
cn: Sales
objectclass: groupofuniquenames
objectclass: top
uniquemember: uid=joe,ou=users,ou=system

dn: cn=Marketing,ou=groups,ou=system
cn: Marketing
objectclass: groupofuniquenames
objectclass: top
uniquemember: uid=suzy,ou=users,ou=system

dn: cn=Development,ou=groups,ou=system
cn: Development
objectclass: groupOfUniqueNames
objectclass: top
uniquemember: uid=pat,ou=users,ou=system
uniquemember: uid=tiffany,ou=users,ou=system

dn: ou=roles,ou=system
ou: roles
objectclass: organizationalUnit
objectclass: top

dn: cn=devmgr,ou=roles,ou=system
l: Orlando
objectclass: organizationalRole
objectclass: top
description: Development Manager
roleoccupant: uid=tiffany,ou=users,ou=system
cn: devmgr

dn: cn=cto,ou=roles,ou=system
cn: cto
description: CTO Role
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=suzy,ou=users,ou=system
l: Orlando
st: Florida

dn: cn=ceo,ou=roles,ou=system
cn: ceo
description: CEO Role
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=joe,ou=users,ou=system
l: Orlando
st: Florida

dn: cn=is,ou=roles,ou=system
cn: is
description: Information Systems
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=suzy,ou=users,ou=system
l: Orlando
st: Florida

dn: cn=dev,ou=roles,ou=system
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=pat,ou=users,ou=system
roleoccupant: uid=tiffany,ou=users,ou=system
cn: dev

dn: cn=Admin,ou=roles,ou=system
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=joe,ou=users,ou=system
roleoccupant: uid=admin,ou=system
cn: Admin

dn: cn=Authenticated,ou=roles,ou=system
objectclass: organizationalRole
objectclass: top
roleoccupant: uid=joe,ou=users,ou=system
roleoccupant: uid=suzy,ou=users,ou=system
roleoccupant: uid=pat,ou=users,ou=system
roleoccupant: uid=tiffany,ou=users,ou=system
cn: Authenticated

dn: cn=Anonymous,ou=roles,ou=system
cn: Anonymous
objectclass: organizationalRole
objectclass: top

```

Note: The passwords in the LDIF above ('cGFzc3dvcmQ=') are the Base64 encoding of the word 'password' (the double colon after userpassword marks a Base64-encoded value in LDIF). Therefore, for authentication purposes, all the users above share the same password: 'password'.
Note: Be sure to leave a blank line at the end of this file. Otherwise, the last entry may not import correctly.
Note: The above LDIF assumes the following nodes already exist (as is the case with ApacheDS):

```ldif
dn: ou=users,ou=system
ou: users
objectclass: organizationalUnit
objectclass: top

dn: ou=groups,ou=system
ou: groups
objectclass: organizationalUnit
objectclass: top
```

- The default LDAP configuration should work with the above LDIF. If you want to change the LDAP server host or anything else about the configuration, see Security Data Access Objects.
- Start the application server
Now that the directory is running and the LDIF has been imported, start the application server.
- Stop the directory
In Windows, just stop the `Apacheds` service in the Services dialog. In Linux, run `service apacheds stop`.
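An added example, not part of the original page or of Pentaho's code: a small Python check that parses LDIF like the sample above, decodes `::` Base64 values, and reports entries whose userpassword has no hash-scheme prefix or is shared between accounts. The embedded LDIF is a constructed excerpt; the `hashed` user, its placeholder value and the function names are assumptions.

```python
import base64
import re

# Constructed excerpt in the style of the sample LDIF (not the full file).
SAMPLE_LDIF = """\
version: 1

dn: uid=joe,ou=users,ou=system
userpassword:: cGFzc3dvcmQ=

dn: uid=suzy,ou=users,ou=system
userpassword:: cGFzc3dvcmQ=

dn: uid=hashed,ou=users,ou=system
userpassword: {SSHA}CONSTRUCTED-PLACEHOLDER
"""

SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # hash-scheme prefix, e.g. {SSHA}

def parse_ldif(text):
    """Return entries as dicts mapping lowercase attribute -> list of values."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):  # entries are blank-line separated
        entry = {}
        # Unfold continuation lines (a newline followed by a single space).
        for line in block.replace("\n ", "").splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):  # '::' marks a Base64-encoded value
                value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            else:
                value = rest.strip()
            entry.setdefault(attr.lower(), []).append(value)
        if "dn" in entry:  # skips the 'version: 1' header block
            entries.append(entry)
    return entries

def audit_passwords(entries):
    """Return (DNs with unhashed passwords, {password: DNs} for shared values)."""
    cleartext, by_value = [], {}
    for e in entries:
        for pw in e.get("userpassword", []):
            by_value.setdefault(pw, []).append(e["dn"][0])
            if not SCHEME.match(pw):
                cleartext.append(e["dn"][0])
    shared = {pw: dns for pw, dns in by_value.items() if len(dns) > 1}
    return cleartext, shared
```

Running `audit_passwords(parse_ldif(...))` over an export before importing it shows which accounts would go into the directory with a recoverable, shared password.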
...