Setting Up the User List File with the LDAP Import Utility

From ELC
Jump to: navigation, search

Go Up to Configuring AppWave Enterprise License Center

To help reduce the amount of work involved in setting up concurrent or named user licenses for large sites, the ELC can import a list of users from an LDAP server using the LDAP Import Utility. Both OpenLDAP and Windows Active Directory servers can be queried using this feature. If you have any questions on what values to use with command-line arguments, please check with your LDAP server administrator.

To import users via the LDAP Import Utility

  • Use Setup Wizard, advance to Users and Groups, select tab Import from LDAP
  • Alternatively, select either Concurrent Users or Named Users from the main menu and click Import from LDAP button

To run command line LDAP Import Utility

  • To run the LDAP import utility, use the following command when the ELC is running:

elise cmd ldapimport -identifier -server <ldap server hostname> -type <FLOATING|NAMED>

[-port <ldap server port>][-user <user DN>] [-pass <user password>]
[-base <base DN for search>][-filter <filter for search>]
[-mode <overwrite|append>] [-maxborrow <borrowtime>]

The following table lists the required and optional arguments for the LDAP Import utility.

Required arguments for the LDAP Import Utility

Argument Description
-identifier The product identifier. This is located in your readme.txt file.
-server <ldap server hostname> The hostname of the LDAP server from which users are imported. This can be either an OpenLDAP or Microsoft Active Directory LDAP server.
-type <FLOATING|NAMED> The type of license to enable for the imported users. Users are added to the user list for a particular license type and product identifier.
-port <ldap server port> The port of the LDAP server from which users are imported. The standard LDAP port of 389 is used if no port is specified. To search the entire domain tree of an active directory server, use port 3268.
-user <user DN> The User DN for the LDAP user which are running the search. Some servers may allow anonymous searches. An anonymous search is attempted if the -user argument is not used.
-pass <user password> The password for the User DN provided in the -user argument.
-base <base DN for searching> The base DN used for the search. A default base for the particular server type detected is used if this is not set.
-filter <search filter> The filter used in the search. A default filter for the particular server type detected is used if this is not set. An LDAP search filter looks something like: (&(cn=*)(uid=*))
-mode <overwrite|append> The mode for importing users into the user list. The overwrite argument replaces users in the file, overwriting the existing settings for the users imported. The append argument appends users to the end of the file. This is the default setting.
-maxborrow <borrow time> The maximum borrow time for the imported users. Time is specified using the format days:hours. Days are optional and hours are converted to days if greater than 1 day. This defaults to 0.

After successfully executing the LDAP import command, examine the userlist.txt or userlist-concurrent.txt file and verify that the entries have the expected values. Once you are satisfied with the user list, you will need to restart the ELC to activate these users. If you are serving licenses for other products, you need to run the import per product, or edit the users in the text file.

See Also