Adding push-to-client back-end to LDAP
In this example, an IBM® Security Directory Server on z/OS® that currently uses only an SDBM database
(security database wrapper) is updated by adding an LDBM database (z/OS UNIX files)
to host the push-to-client schema.
- Add the LDBM back-end section to the LDAP configuration file.

    # filename ds.conf
    # restart GLDSRV started task to pick up changes

    # global section
    adminDN "cn=LDAP admin"
    adminPW password
    listen ldap://:389
    schemaPath /etc/ldap

    # SDBM back-end section (RACF)
    database SDBM GLDBSD31/GLDBSD64
    suffix "cn=RACF,o=IBM,c=US"

    # LDBM back-end section (z/OS UNIX files)
    database LDBM GLDBLD31/GLDBLD64 LDBM-z/OS EXPLORER
    suffix "o=PTC,c=zOSexplorer"
    databaseDirectory /var/ldap/ldbm/zexpl

- Stop and start the LDAP started task, GLDSRV, to pick up the configuration changes.
- Create the /var/ldap/ldbm/zexpl directory.

    mkdir -p /var/ldap/ldbm/zexpl

- Update the LDAP schema to add the LDBM back-end.

    ldapmodify -D "cn=LDAP admin" -w password -f /usr/lpp/ldap/etc/schema.user.ldif
    ldapmodify -D "cn=LDAP admin" -w password -f /usr/lpp/ldap/etc/schema.IBM.ldif

- Add the root entry to the LDBM back-end.

    ldapadd -D "cn=LDAP admin" -w password -f /u/ibmuser/ptc_root.ldif

  where /u/ibmuser/ptc_root.ldif holds the following:

    dn: o=PTC,c=zOSexplorer
    objectclass: top
    objectclass: organization
    o: PTC
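
The following script is an added example, not IBM's code. It checks that the LDBM section's suffix matches the DN in the root-entry LDIF and that databaseDirectory exists, and it notes where the configuration shown above keeps the admin password in clear text and listens without TLS. The function names and the temporary sample directory are assumptions.

```shell
# Added example (not IBM code): consistency check for the LDBM steps above.

# Print key=value for suffix and databaseDirectory of the LDBM section only.
ldbm_settings() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == "database" { ldbm = (toupper($2) == "LDBM"); next }
        ldbm && tolower($1) ~ /^(suffix|databasedirectory)$/ {
            key = tolower($1); $1 = ""; sub(/^ +/, ""); gsub(/"/, ""); print key "=" $0
        }' "$1"
}

# Simplified DN normalisation: lower-case, drop spaces around "," and "=".
norm_dn() { printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]' | sed 's/ *\([,=]\) */\1/g'; }

# check_ptc CONF LDIF: print findings; return status = number of FAIL lines.
check_ptc() {
    fails=0
    suffix=$(ldbm_settings "$1" | sed -n 's/^suffix=//p' | head -n 1)
    dbdir=$(ldbm_settings "$1" | sed -n 's/^databasedirectory=//p' | head -n 1)
    rootdn=$(sed -n 's/^dn: *//p' "$2" | head -n 1)
    if [ -z "$suffix" ]; then echo "FAIL no suffix in LDBM section"; fails=$((fails + 1)); fi
    if [ -z "$dbdir" ] || [ ! -d "$dbdir" ]; then
        echo "FAIL databaseDirectory '$dbdir' missing"; fails=$((fails + 1)); fi
    if [ "$(norm_dn "$rootdn")" != "$(norm_dn "$suffix")" ]; then
        echo "FAIL root DN '$rootdn' differs from suffix '$suffix'"; fails=$((fails + 1)); fi
    grep -Eq '^[[:space:]]*adminPW[[:space:]]' "$1" && echo "WARN adminPW is in clear text in $1"
    grep -Eq '^[[:space:]]*listen[[:space:]]+ldap://' "$1" && echo "WARN ldap:// listener, no TLS"
    return "$fails"
}

# Constructed sample with this page's values; a temp dir replaces /var/ldap/ldbm/zexpl.
make_sample() {
    d=$(mktemp -d) && mkdir -p "$d/zexpl"
    cat > "$d/ds.conf" <<EOF
adminDN "cn=LDAP admin"
adminPW password
listen ldap://:389
database SDBM GLDBSD31/GLDBSD64
suffix "cn=RACF,o=IBM,c=US"
database LDBM GLDBLD31/GLDBLD64
suffix "o=PTC,c=zOSexplorer"
databaseDirectory $d/zexpl
EOF
    printf 'dn: o=PTC,c=zOSexplorer\nobjectclass: top\nobjectclass: organization\no: PTC\n' > "$d/ptc_root.ldif"
    echo "$d"
}

t=$(make_sample); check_ptc "$t/ds.conf" "$t/ptc_root.ldif"; echo "failures: $?"
```

On the sample, both WARN lines are printed and no FAIL line; the same `-w password` binds sent to an `ldap://` listener are what the second warning refers to.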