HP OSMS Blueprint: Directory Services on HP ProLiant Servers with SLES10
objectClass: organizationalUnit
dc: osm
ou: osm
userPassword:: e1NTSEF9ajJBQjhFUmNvZitTV0V5Rkp3ZGtjWE5va0J6ODFYa0g=
Because the user dc=dn4,dc=example,dc=com is granted the read privilege, the ou and
userPassword attributes are displayed in the results.
11. Create a modify.ldif file, to verify that the user dc=dn4,dc=example,dc=com cannot
modify the ou attribute of dc=osm,dc=example,dc=com, using the following content:
dn: dc=osm,dc=example,dc=com
changetype: modify
replace: ou
ou: osm.test
Notice that in the file, the value of ou is changed to osm.test.
12. Using the ldapmodify command and the user dc=dn4,dc=example,dc=com, apply the
entry modification in the modify.ldif created in step 11 by entering the following
command:
# /opt/symas/bin/ldapmodify -x -D 'dc=dn4,dc=example,dc=com' \
-w abc123 -h cds_server -f /tmp/modify.ldif
The following is displayed:
modifying entry "dc=osm,dc=example,dc=com" ldap_modify: Insufficient
access (50)
This message means that the user dc=dn4,dc=example,dc=com has no privileges to write
the ou attribute of dc=osm,dc=example,dc=com.
13. Now, use the same ldapmodify command with the user dc=dn5,dc=example,dc=com
to verify the user has been given write privileges, by entering the following command:
# /opt/symas/bin/ldapmodify -x -D 'dc=dn5,dc=example,dc=com' \
-w abc123 -h cds_server -f /tmp/modify.ldif
If write privileges are successfully granted, the following message displays:
modifying entry "dc=osm,dc=example,dc=com"
14. Use the ldapsearch command to verify the attributes of dc=osm,dc=example,dc=com
have been successfully changed, by entering the following command:
# /opt/symas/bin/ldapsearch -x -D 'dc=dn5,dc=example,dc=com' \
-w abc123 -h cds_server -b 'dc=osm,dc=example,dc=com' -s base -LLL
The following message is displayed:
dn: dc=osm,dc=example,dc=com
objectClass: dcObject
objectClass: organizationalUnit
dc: osm
userPassword:: e1NTSEF9ajJBQjhFUmNvZitTV0V5Rkp3ZGtjWE5va0J6ODFYa0g=
ou: osm.test
Notice that in the file, the value of ou is changed to osm.test because
dc=dn5,dc=example,dc=com is granted the write privilege. It can also search and read
the values of ou and userPassword, as specified in the ACLs
Monitoring OpenLDAP with the HP OpenView Operations CDS Gallery
SPIs
HP enhances the OSMS Directory Services by using HP OpenView Operations Gallery Smart
Plug-Ins (OVO SPIs).
Monitoring OpenLDAP with the HP OpenView Operations CDS Gallery SPIs 31