EmpowerID's Virtual Directory Service (VDS) provides a robust identity virtualization service with unified, enterprise-wide security by acting as an abstraction layer between disparate data stores, such as payroll systems, HR systems, Active Directory, custom applications and other sources. EmpowerID's VDS allows applications to interact with these data sources, without being directly connected to them.
In this topic, we use the terms "Virtual Directory Service", "VDS", and "LDAP Server" interchangeably. |
The VDS is a server-side JavaScript application managed by Node.js. As such, Node must be installed on your Linux Server before the VDS can be configured for use. Additionally, the LDAP Server uses the Forever node module to keep the server up and running. The installer you received from EmpowerID checks to see if these prerequisites are installed. If they are not, the installer installs them for you.
Installing and configuring the EmpowerID Virtual Directory Server on Linux involves the following:
SQL Login Prerequisite: As the LDAP Server authenticates users against the EmpowerID database, you need to provide it with a SQL login that has rights to the EmpowerID database. Expand the below drop-down for step-by-step directions on creating the login in SQL Server.
|
Run the following command to extract the LDAPServer.X.X.X.tar.gz file you received from EmpowerID.
tar -xzf Downloads/LDAPServer.1.0.74.0.tar.gz |
Please note that the location of the file on your server as well as the name of the file may differ. Update the command for your specific scenario accordingly. |
Optional: Run the following commands to navigate to the folder with the LDAP Server install script and view the README file.
|
|
Run the following command to make the installer executable:
sudo chmod +x install.sh |
Run the following command to execute the installer. When executed, the installer checks to see if you have node and forever installed—installing them if you do not—and then installs the EmpowerID LDAP Server.
sudo ./install.sh |
After installing the EmpowerID LDAP Server, run the following command to open theconfig.txtfile. The file needs to be edited for your environment. In the command, we are using gedit, but you can use another editor if preferred. To do so, replace "gedit" with your editor.
sudo gedit /usr/local/empoweridLDAP/LDAP\ Server/config.txt |
Save your changes and exit config.txt.
If you need to make changes to the config.txt file beyond those listed above, it is recommended that you contact EmpowerID support. |
If you are not using TLS, you can skip the below steps that pertain to TLS. |
From your terminal, run the following command to list the contents of the empoweridLDAP directory:
sudo ls /usr/local/empoweridLDAP |
If you see a folder named certs, run the following command to rename it to cert and move it to the empoweridLDAP/LDAP Server directory.
sudo mv /usr/local/empoweridLDAP/certs /usr/local/empoweridLDAP/LDAP\ Server |
Run the following command to start the LDAP Server:
sudo /etc/init.d/EmpowerIDLDAPServer start |
After starting the server, you can explore the directory with a Linux-based LDAP Browser.
Run the following command to stop the LDAP Server:
sudo /etc/init.d/EmpowerIDLDAPServer stop |
|
|