Manage LDAP directory services with UMRA - Tools4Ever.com

More documents

Recommendations

Info

User Management Resource Administrator – Managing LDAP directory servicesList of figuresFigure 1: Network with helpdesk running UMRA Forms in a hybrid directoryservices network. ........................................................................................................ 8Figure 2: Specification of the LDAP modification data.......................................................... 12Figure 3: Multiple value specification for a single attribute.................................................... 12Figure 4: LDAP search specification. ................................................................................. 15Figure 5: LDAP search attribute specification...................................................................... 16Figure 6: eDirectory shown in Novell ConsoleOne with the LDAP Server onserver SRVNW6........................................................................................................ 20Figure 7: Novell ConsoleOne: LDAP Server SSL attributes. ................................................. 21Figure 8: Novell ConsoleOne: LDAP Server SSL attributes. ................................................. 22Figure 9: Novell ConsoleOne: Properties of trusted root certificate........................................ 22Figure 10: List with Trusted Root Certification Authorities showing the importedLDAP Server certificate.............................................................................................. 23Figure 11: Add Certificates snap-in to Microsoft Management Console in orderto import the certificate for UMRA Service.................................................................... 24Figure 12: The MMC configured to manage the certificates of the localcomputer as used by the UMRA Service...................................................................... 24Figure 13: LDAP.EXE connection settings.......................................................................... 25Figure 14: LDP.EXE failure when SSL certificates are not or incorrectlyconfigured. ............................................................................................................... 25Figure 15: LDP.EXE successful connection setup using SSL. ....................................................25Figure 16: Example project to import bulk user accounts in Novell eDirectoryusing UMRA and secure LDAP (SSL). .................................................................................26Figure 17: Setup LDAP session script action...............................................................................26Figure 18: Load LDAP modification data script action. ......................................................... 27Figure 19: Properties of action to setup LDAP modification data........................................... 28Figure 20: Dialog used to specify the modification type and values of a singleattribute.................................................................................................................... 29Figure 21: Add directory service object (LDAP) script action................................................. 29Figure 22: UMRA Forms application to reset passwords of Novell eDirectoryuser accounts. .......................................................................................................... 31Figure 23: Script actions of initialization project ResetPassword –InitializeVars............................................................................................................ 32Figure 24: Script action to execute script of project ResetPassword –InitializeVars. ............................................................................................................ 33Figure 25: Script action to setup LDAP session................................................................... 33Figure 26: Script action to search in Novell eDirectory. ........................................................ 34Figure 27: Preview in UMRA Console of project Novell eDirectory – Resetpassword.................................................................................................................. 35Figure 28: Definition of the form of project Novell eDirectory – Reset password ..................... 35Figure 29: Specification of columns of generic table derived from variable%LdapUsers%. ......................................................................................................... 36Figure 30: Specification of the table columns shown in the form. .......................................... 36Figure 31: Script action to execute the script of project ResetPassword –InitializeVars. ............................................................................................................ 37Figure 32: Script action to setup the LDAP session. ............................................................ 37Figure 33: Script action to initialize the LDAP modification data. ........................................... 38Figure 34: Script action to modify the directory service item. ................................................ 38Figure 35: Form to enter the distinguished names of the user accounts andgroup. ...................................................................................................................... 40Figure 36 Script action to initialize the LDAP modification data to update useraccount attributes groupMembership and securityEquals.......................................... 40Figure 37: Script action to update the attributes of the user account...................................... 40© Tools4ever 2005 iv
User Management Resource Administrator – Managing LDAP directory servicesFigure 38 Script action to initialize the LDAP modification data to update groupattributes uniqueMember and equivalentToMe. ......................................................... 41Figure 39: Script action to update the attributes of the group. ............................................... 41Figure 40: Update user group membership wizard, step 1: Select user. ................................ 43Figure 41: Update user group membership wizard, step 2: Select group. .............................. 43Figure 42: Script action to setup a secure LDAP session with the OpenLDAPLinux server.............................................................................................................. 50Figure 43: Script action to initialize the LDAP modification data that is used tocreate an person item in the directory service on Linux using OpenLDAP. ...................... 50Figure 44: Script action to add the person to the Linux OpenLDAP directoryservice. .................................................................................................................... 51Figure 45: Installation of Certificates Services on a Windows 2003 domaincontroller. ................................................................................................................. 55Figure 46: Selection of Certification Authority: Stand-alone root CA. ................................... 56Figure 47: Specification of the Certification Authority identificationinformation. .............................................................................................................. 56Figure 48: Issue the submitted certification request. ............................................................ 57Figure 49: Result certificate, issued by the Certification Authority. ..................................... 57Figure 50: Export the root certificate of the Certification Authority...................................... 58Figure 51: Import the root certificate of the Certification Authority on theActive Directory domain controller............................................................................... 59Figure 52: Verification of the purpose of the certificate......................................................... 60Figure 53: Test the LDAP SSL connection using LDP.EXE from the WindowsSupport Tools. .......................................................................................................... 60Figure 54: Connection information when a successful connection is established. ................... 61Figure 55: Example project to create mass user accounts in Active Directoryusing secure LDAP.................................................................................................... 62Figure 56: Script action to setup a secure LDAP session with an ActiveDirectory domain controller......................................................................................... 63Figure 57: Script action to initialize the LDAP modification data used to createan user account in Active Directory. ............................................................................ 63Figure 58: Script action to add the user account to Active Directory. ..................................... 64Figure 59: UMRA Forms client showing Reset password application. ................................... 67Figure 60: Variable initialization with project LdapAd_Init.................................................... 68Figure 61: Script action: Execute script of project LdapAd_Init. ........................................... 68Figure 62: Script action: Setup LDAP session..................................................................... 69Figure 63: Script action: Search LDAP. .............................................................................. 69Figure 64:UMRA form project LdapAd_ResetPassword with form and script toreset the password of an Active Directory user account using secureLDAP.. ..................................................................................................................... 70Figure 65: Resulting form of ProjectLdapAd_ResetPassword............................................... 71Figure 66: Generic table of the variable type. Specification of the name of thevariable with table data and the name of the columns of the table. ................................. 71Figure 67: Specification of the columns shown in the form and the variablereturned. .................................................................................................................. 72Figure 68: Password input text field specification. ............................................................... 73Figure 69: Form actions executed by the UMRA Service when the Resetpassword button is clicked by the end-user................................................................. 73Figure 70: Script action: Delete a specific variable. ............................................................. 74Figure 71: Script action: If-Then-Else to check the password and confirmedpassword.................................................................................................................. 75Figure 72: If-Then-Else specification.................................................................................. 75Figure 73: Script action to execute the initialization script..................................................... 76Figure 74: Script action to setup a secure LDAP session. .................................................... 76Figure 75: Script action to initialize the LDAP modification data with thepassword attribute value. ........................................................................................... 77Figure 76: Script action to reset the password. ................................................................... 77Figure 77: Script action to delete the %DistinguishedName% variable. ............................... 78© Tools4ever 2005 v
Page 2 and 3: User Management Resource Administra
Page 56 and 57:
User Management Resource Administra
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86:
show all

Manage LDAP directory services with UMRA - Tools4Ever.com

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?