Download BEJY LDAP

Download BEJY LDAP, a small LDAP server.

Usage

Run the provided bejy script or bejy.cmd file.
Connect an LDAP client (e.g. Apache Directory Studio) and use
to login. Your first step is changing the directory manager's password.

Manual Password Reset

If you forgot the login password of the directory manager, set a new password by editing the file ldap.xml. Find the line
<cn name="directory manager">
and add the attribute auth with your desired password:
<cn name="directory manager" auth="veryVERY_s_e_c_r_e_t">
This entry is converted into a userPassword entry during the first successful login:
<cn name="directory manager">
...
    <userpassword name="{ssha}6vkwHTty6GMUKMhhhqpVUdVEfpMkuQuFEk39BDrAryfvwyN5"/>
...


Grant read or write permissions to a user

To grant a read permission, assign the non-standard LDAP attribute readPermission to a person. The value is the DN of the subtree to grant read access to, e.g. dc=test,dc=de (all lowercase).
To grant a write permission, assign the non-standard LDAP attribute writePermission to a person. The value is the DN of the subtree to grant write access to.
A person may have multiple readPermissions and writePermissions.
Note: The logged-in user can only grant access to a DN if that user has write permission for that DN.

Features

Data store

All data is stored in an XML file. A database-based storage layer might be implemented in the future.

Password store

Passwords are stored as {ssha}. If a plaintext password is set, it's converted to {ssha}.
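
The salted SHA-1 layout commonly used for {ssha} values, shown as an added example (not BEJY's own code): Base64 of SHA-1(password + salt) followed by the salt. That BEJY uses exactly this layout and UTF-8 password encoding is an assumption; the sample value in the Manual Password Reset section decodes to 36 bytes, which is consistent with a 20-byte digest plus a 16-byte salt.

```python
import base64
import hashlib
import hmac
import os

SHA1_LEN = 20  # SHA-1 digest size in bytes


def split_ssha(stored):
    """Split a '{ssha}<base64>' value into (digest, salt).

    Raises ValueError if the scheme prefix, the Base64 or the salt is missing.
    """
    scheme, sep, b64 = stored.partition("}")
    if not sep or scheme.lower() != "{ssha":
        raise ValueError("not an {ssha} value")
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("invalid Base64 in {ssha} value") from exc
    if len(raw) <= SHA1_LEN:
        raise ValueError("value carries no salt")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def make_ssha(password, salt=None):
    """Build an {ssha} value; a fresh random 16-byte salt is used by default."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{ssha}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Return True if password matches the stored {ssha} value."""
    try:
        digest, salt = split_ssha(stored)
    except ValueError:
        return False  # malformed or plaintext entries never match
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, digest)
```
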

Modify Password

To support password self-service for users, the extension "Modify Password 1.3.6.1.4.1.4203.1.11.1" is supported.

Simple Paged Results

This LDAP server has no size limit, but it still supports the control "Simple Paged Results 1.2.840.113556.1.4.319" using the client-specified page size.

Downloads

date        version                                      comment
2016-12-14  de.bb.product.bejy-ldap-0.9.0.jar (176075b)  first public release