Top
ServerView Resource Orchestrator Cloud Edition V3.1.0 Design Guide
ServerView
Chapter 12 Installing and Defining Single Sign-On > 12.5 Updating from Earlier Versions > 12.5.5 Registering Users in the Directory Service
PreviousNext

12.5.5 Registering Users in the Directory Service

Register a user to the directory service.


When Using Active Directory

  1. Export the user information which is registered in Resource Orchestrator as files in the LDIF format.

    Example

    >rcxadm user list -format ldif > myusers.ldif <RETURN>

  2. Modify the user information exported as the ldif file in 1. for the actual environment.

    Modify the base names of entries based on the base name of the Active Directory.

  3. Execute the ldifde command to register the ldif file modified in 2. with Active Directory.

    Example

    >ldifde -i -e -k -t 636 -f myusers.ldif <RETURN>

    For details on the ldifde command, refer to the Active Directory documentation.

    Registered user passwords are reset as follows.

    rcxuser@123

  4. Change the user passwords registered in 3. to appropriate values. Use the Active Directory functions, and change the password.

  5. When performing Single Sign-On operations with ServerView Operations Manager, user definitions are necessary for ServerView Operations Manager. For details on how to add user definitions for ServerView Operations Manager, perform settings for Single Sign-On referring to the following manual:

    • "Integrating ServerView User Management into Microsoft Active Directory" in the "ServerView Suite User Management in ServerView"


When Using OpenDS

  1. Export the user and user group information which are registered in Resource Orchestrator as files in the LDIF format.

    Example

    >rcxadm user list -format ldif > myusers.ldif <RETURN>

    The ldif file for the Active Directory is output.

  2. Modify the user information exported as the ldif file in 1. for OpenDS.

    1. Modify the base names of entries based on the base name of the directory service.

    2. Delete the following attributes.

      • samAccountName

      • userAccountControl

      • unicodePwd

    3. Add the following attributes to user entries.

      • sn

      • uid (same value as the cn attribute)

      • userPassword

    4. Modify the values of the objectclass attribute.

      • Change "user" to "inetOrgPerson".

    5. Change "cn=Users" in the "cn=User_name,cn=Users,dc=fujitsu,dc=com" to "ou=Users".

    Example

    • Before editing (ldif file for Active Directory)

      # User
dn: cn=user01,cn=Users,dc=example,dc=local          # Change cn=Users to ou=Users.
changetype: add
objectclass: user                                 # Change to objectclass: inetOrgPerson.
cn: user01
samAccountName: user01                              # Delete this line.
userAccountControl: 512                             # Delete this line.
unicodePwd:: IgByAGMAeAB1AHMAZQByAEAAMQAyADMAIgA=   # Delete this line.
                                                    # Add sn,uid, and userPassword attributes.

    • After editing (ldif file for OpenDS)

      # User
dn: cn=user01,ou=Users,dc=fujitsu,dc=com
changetype: add
objectclass: inetOrgPerson
cn: user01
sn: user01
uid: user01
userPassword: mypassword

  3. Use the directory service client function to register the ldif file modified in 3. with the directory service.

    Set the Java SE 6 path for the environment variable JAVA_HOME, before executing the ldapmodify command of OpenDS.

    For details on the command, refer to each directory service manual.

    [Windows]

    >"OpenDS_installation_folder\bat\ldapmodify.bat" -p Port_number -f ldif_file -D Administrator_user_DN -w Password <RETURN>

    [Linux]

    # "OpenDS_installation_folder/bin/ldapmodify" -p Port_number -f ldif_file -D Administrator_user_DN -w Password <RETURN>

    SSL communications are not required when registering a user in OpenDS. The default value of the port number when not using SSL communications is "1473" in the OpenDS provided with ServerView Operations Manager.

    For details on how to configure connection settings of the OpenDS provided with ServerView Operations Manager, refer to README and the manuals of "ServerView Suite User Management in ServerView".

    Example

    >"C:\Program Files\Fujitsu\ServerView Suite\opends\bat\ldapmodify.bat" -p 1473 -f myusers.ldif -D "cn=Directory Manager" -w admin -c <RETURN>

  4. When performing Single Sign-On operations with ServerView Operations Manager, specify users who are defined in ServerView Operations Manager as the user information of Resource Orchestrator.

    For details on how to register users, refer to "Chapter 3 Configuring Users for Infrastructure Administrators" in the "User's Guide for Infrastructure Administrators (Resource Management) CE".

  5. When users of Resource Orchestrator log in to ServerView Operations Manager, user definitions are necessary for ServerView Operations Manager. For details on how to add user definitions for ServerView Operations Manager, perform settings for Single Sign-On referring to the following manual:

    • "Integrating ServerView User Management into Microsoft Active Directory" in the "ServerView Suite User Management in ServerView"

    For OpenDS, perform settings for Single Sign-On referring to the setting procedure of Active Directory.


PreviousNext
Copyright 2012-2014 FUJITSU LIMITED