# Configuring LDAP Collector

The Open iT LDAPCollector collects Active Directory information and sends them over to the server. This allows the server installation in the cloud to integrate the Active Directory to their reports.

# Activating LDAP Data Collection

  1. Go to the scheduler directory, which is by default in C:\Program Files\OpeniT\Core\Configuration\scheduler, and open collect_ldap.oconf.

  2. Locate and set collect_ldap.active to true to activate the collection of LDAP data.

    collect_ldap.oconf
     1|root
 2|{
 3| scheduler
 4| {
 5|   jobs
 6|   {
 7|     collect_ldap
 8|     {
        ...
16|         active
17|         {
18|           type=bool
19|           value=true
20|         }
...

  3. Save the changes.

  1. Go to the scheduler directory, which is by default in /var/opt/openit/etc/scheduler, and open collect_ldap.oconf.

  2. Locate and set collect_ldap.active to true to activate the collection of LDAP data.

    collect_ldap.oconf
     1|root
 2|{
 3| scheduler
 4| {
 5|   jobs
 6|   {
 7|     collect_ldap
 8|     {
        ...
16|         active
17|         {
18|           type=bool
19|           value=true
20|         }
...

  3. Save the changes.

# Verifying LDAP Collector Configuration

Follow these steps to manually check if the configuration works:

  1. Open a command prompt with Administrator level privileges.

  2. Go to the bin directory, which is by default in C:\Program Files\OpeniT\Core\bin, run the command:

    Command Syntax
    cd $BIN_DIR
    Example
    cd C:\Program Files\OpeniT\Core\bin

  3. Once in the directory, run the command:

    Command Syntax
    openit_confbuilder --client

  4. Run the LDAP collector binary:

    Command Syntax
     openit_ldapcollector

    Ensure that there is no error encountered upon running the command.

  5. Verify that there is an ldap_data.tsv file created in the server's LdapCollector directory, which is by default in C:\Program Files\OpeniT\Core\Log\temp\LdapCollector.

  1. Go to the bin directory, which is by default in /opt/openit/bin, run the command:

    Command Syntax
    cd $BIN_DIR
    Example
    cd /opt/openit/bin

  2. Once in the directory, run the command:

    Command Syntax
    ./openit_confbuilder --client

  3. Run the LDAP collector binary:

    Command Syntax
     ./ldapcollector

    Ensure that there is no error encountered upon running the command.

  4. Verify that there is an ldap_data.tsv file created in the server's LdapCollector directory, which is by default in /var/opt/openit/temp/LdapCollector.

# Configuring LDAP Settings

  1. Go to the Components directory, which is by default in C:\Program Files\OpeniT\Core\Configuration\Components, and open ldapcollector.xml.

  2. Locate the object node url and specify the LDAP Server URL to connect to.

    ldapcollector.xml
     27| <Object>
 28|     <Name>url</Name>
 29|     <Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|     It will also use the RootDSE's DN as starting point for search.
 31|     </Description>
 32|     <Value type="String">LDAP:</Value>
 33| </Object>
    Accepted Format Description
    LDAP: Binds to the root of the LDAP namespace
    LDAP://[HostName] Binds to a specific server
    LDAP://[HostName]:[PortNumber] Binds to a specific server using the specified port number
    LDAP://[DistiguishedName] Binds to a specific object and start the search from that node
    LDAP://[HostName]/[DistiguishedName] Binds to a specific object through a specific server
    LDAP://[HostName]:[PortNumber]/[DistiguishedName] Binds to a specific object and start the search from that node through a specific server
    LDAP://[IPAddress] Binds to a specific IP address
    LDAP://[IPAddress]:[PortNumber] Binds to a specific IP address using the specified port number
    LDAP://[IPAddress]:[PortNumber]/[DistiguishedName] Binds to a specific object and start the search from that node through a specific IP address
    Accepted url values

    # Examples

    ldapcollector.xml | Format: LDAP://[HostName]
     27| <Object>
 28|     <Name>url</Name>
 29|	    <Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]:[PortNumber]
     27| <Object>
 28|     <Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01:390</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[DistiguishedName]
     27| <Object>
 28|     <Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]:[PortNumber]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01:390/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]:[PortNumber]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47:390</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]:[PortNumber]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47:390/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>

  3. Locate the object node filter and set the filter to use for searching data.

    ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">objectClass=User</Value>
 39|	</Object>

    The default value is objectClass=User. Update the value by following either of the following format:

     ([attribute][operator][value])

    or

     ([operator][filter1][filter2])

    # Examples

    The sample filter value below processes all objects.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(objectClass=\*) </Value>
 39|	</Object>

    The sample filter value below filters all user objects but not andy.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(&(objectClass=User)(!(CN=andy)))</Value>
 39|	</Object>

    The sample filter value below filters all user objects with a surname that starts with sm.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(sn=sm\*)</Value>
 39|	</Object>

    The sample filter value below filters all contacts with a surname equal to Smith or Johnson.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(&(objectClass=contact)(\|(sn=Smith)(sn=Johnson)))</Value>
 39|	</Object>

  4. Locate the object node attribute and set the attribute values to retrieve.

    ldapcollector.xml
     47| <Object>
 48| 	<Name>attribute</Name>
 49|		<Description>Required. The attributes to retrieve</Description>
 50|		<Value type="String">sAMAccountName,displayName,department,division,employeeType,l,mail,physicalDeliveryOfficeName,title</Value>
 51|	</Object>

    The default value is sAMAccountName,displayName,department,division,employeeType,l, mail,physicalDeliveryOfficeName,title. Update the attribute separated by comma.

     attrib1,attrib2,...attribN

    Accepted Attribute Description
    sAMAccountName Logon Name (Pre Windows 2000)
    displayName Display Name
    department Department Name
    division Division Name
    employeeType Display Name
    l Location
    mail Email Address
    physicalDeliveryOfficeName Office
    title Job Title
    Sample attribute Values

  5. Save the changes.

  6. Go to the bin directory, which is by default in C:\Program Files\OpeniT\Core\bin, run the command:

    Command Syntax
     cd $BIN_DIR
    Example
     cd C:\Program Files\OpeniT\Core\bin

  7. Update the configuration file, run the command:

    Command Syntax
     openit_confbuilder --client

    Make sure that there are no errors encountered.

  1. Go to the Components directory, which is by default in /var/opt/openit/etc/Components, and open ldapcollector.xml.

  2. Locate the object node url and set the LDAP Server URL to connect to.

    ldapcollector.xml
     27| <Object>
 28|     <Name>url</Name>
 29|     <Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|     It will also use the RootDSE's DN as starting point for search.
 31|     </Description>
 32|     <Value type="String">LDAP:</Value>
 33| </Object>
    Accepted Format Description
    LDAP: Binds to the root of the LDAP namespace
    LDAP://[HostName] Binds to a specific server
    LDAP://[HostName]:[PortNumber] Binds to a specific server using the specified port number
    LDAP://[DistiguishedName] Binds to a specific object and start the search from that node
    LDAP://[HostName]/[DistiguishedName] Binds to a specific object through a specific server
    LDAP://[HostName]:[PortNumber]/[DistiguishedName] Binds to a specific object and start the search from that node through a specific server
    LDAP://[IPAddress] Binds to a specific IP address
    LDAP://[IPAddress]:[PortNumber] Binds to a specific IP address using the specified port number
    LDAP://[IPAddress]:[PortNumber]/[DistiguishedName] Binds to a specific object and start the search from that node through a specific IP address
    Accepted url Values

    # Examples

    ldapcollector.xml | Format: LDAP://[HostName]
     27| <Object>
 28|     <Name>url</Name>
 29|	    <Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]:[PortNumber]
     27| <Object>
 28|     <Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01:390</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[DistiguishedName]
     27| <Object>
 28|     <Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[HostName]:[PortNumber]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://server01:390/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]:[PortNumber]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47:390</Value>
 33|	</Object>
    ldapcollector.xml | Format: LDAP://[IPAddress]:[PortNumber]/[DistiguishedName]
     27| <Object>
 28| 	<Name>url</Name>
 29|		<Description>Optional in windows. Required in UNIX. The ldap server url to connect to. If none are specified, it will find the default domain controller and port of the machine where the application is running on.
 30|		It will also use the RootDSE's DN as starting point for search.
 31|		</Description>
 32|		<Value type="String">LDAP://17.172.224.47:390/CN=Jeff Smith,CN=Users,DC=fabrikam,DC=com</Value>
 33|	</Object>

  3. Locate the object node filter and set the filter to use for searching data.

    ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">objectClass=User</Value>
 39|	</Object>

    The default value is objectClass=User. Update the value by following either of the following format:

     ([attribute][operator][value])

    or

     ([operator][filter1][filter2])

    # Examples

    The sample filter value below processes all objects.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(objectClass=\*) </Value>
 39|	</Object>

    The sample filter value below filters all user objects but not andy.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(&(objectClass=User)(!(CN=andy)))</Value>
 39|	</Object>

    The sample filter value below filters all user objects with a surname that starts with sm.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(sn=sm\*)</Value>
 39|	</Object>

    The sample filter value below filters all contacts with a surname equal to Smith or Johnson.

    Example: ldapcollector.xml
     35| <Object>
 36| 	<Name>filter</Name>
 37|		<Description>Optional. The filter use for searching data.</Description>
 38|		<Value type="String">(&(objectClass=contact)(\|(sn=Smith)(sn=Johnson)))</Value>
 39|	</Object>

  4. Locate the object node attribute and set the attribute values to retrieve.

    ldapcollector.xml
     47| <Object>
 48| 	<Name>attribute</Name>
 49|		<Description>Required. The attributes to retrieve</Description>
 50|		<Value type="String">sAMAccountName,displayName,department,division,employeeType,l,mail,physicalDeliveryOfficeName,title</Value>
 51|	</Object>

    The default value is sAMAccountName,displayName,department,division,employeeType,l, mail,physicalDeliveryOfficeName,title. Update the attribute separated by comma.

     attrib1,attrib2,...attribN

    Accepted Attribute Description
    sAMAccountName Logon Name (Pre Windows 2000)
    displayName Display Name
    department Department Name
    division Division Name
    employeeType Display Name
    l Location
    mail Email Address
    physicalDeliveryOfficeName Office
    title Job Title
    Sample attribute Values

  5. Save the changes.

  6. Go to the bin directory, which is by default in /var/opt/openit/etc/Components, run the command:

    Command Syntax
     cd $BIN_DIR
    Example
     cd /opt/openit/bin

  7. Update the configuration file, run the command:

    Command Syntax
     ./openit_confbuilder --client

    Make sure that there are no errors encountered.

# Next Steps?

After configuring the LDAP Collector, proceed with the mapping configurations in the Core Server web interface.

   Mapping  

Powered by Open iT ® Open iT Docs All rights reserved.

We value your feedback!

Please take a few minutes to complete our survey and share your thoughts on your recent experience with our documentation.

Take survey

Close