Duke Wiki  logo
Child pages
  • LDAP Server Configuration

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


At present we are using unencrypted LDAP (this is scheduled to change soon) so be sure to configure a port that allows for this as well as an "old-style" SSL only port.


We are currently relying on the default permission configuration of OpenDS, particularly the section that allows a authenticated binding to change attributes on the entry bound to. If you are using OpenDS, this requires no changes. If you are using some other LDAP server you may need to change the permissions configuration to allow the users to change their own entry.


The schema we are using is the standard approach where the root is a domainComponent entity and the users are in a people organization unit under the root. The users are inetOrgPerson entries with some extensions. The user entries MUST have a displayName attribute as the browser software relies on it for proper display.


To see a running example that is used by the Open Cobalt development, you can look in the LDAP server at Hostname: xrfb1. xrfb. net Port: 1389 BindDN: uid=guest, ou=people, dc=opencobalt, dc=org Password: teatime


For Open Cobalt development we are currently just administering the database by hand. To do this we have found the admin tool Apache Directory Studio to be very useful.

Client configuration

Configuring Open Cobalt to use an alternate directory server is straightforward. Start Open Cobalt and activate the menu item Cobalt/General Preferences... A window should open. Scroll down to the bottom of the window. There should be the
4 items that Open Cobalt currently uses to configure the directory settings: LDAP Hostname, LDAP Port, LDAP BindDN, LDAP Password, and LDAP BaseDN.