
Project - LDAP Database Creation

To better understand how to use LDAP security in ScriptCase, we are going to learn how to create an LDAP database and retrieve the data needed to build a ScriptCase security module that uses it. On Windows Server, there is a native way to install and configure Active Directory with the LDAP database:

Creating an LDAP Database on Windows Server.

Creating a simple LDAP Database on Linux.


Creating an LDAP Database on Windows Server.

Server Manager

Image 01: Server Manager option on the Start menu.

Windows Server can natively create an LDAP database to feed an Active Directory structure. We will need to access the Server Manager to install the Active Directory service. First, locate the Server Manager on the Start menu and launch it.


Image 02: Server Manager Main window.

In its main window, open the "Roles" option and create a new role using "Add Roles".


Image 03: Roles.


Add Role Wizard

Image 04: Add Role Wizard home.

Read and follow the recommendations on this page, then continue.


Image 05: Choosing services to install.

This page allows us to choose the services we want to install for the role we are adding. Check the "Active Directory Domain Services" option and continue.


Image 06: Active Directory Domain Services.

This page contains some important notes about Active Directory Domain Services.


Image 07: Installation.

This page shows what will be installed. To proceed with the installation, click the "Install" button. When processing finishes, the "Results" window is shown with the installation log.


Image 08: Results.



Domain Controller

Image 09: Active Directory role page.


Image 10: AD DS Install Wizard.

This wizard will create our domain (or associate with an existing one).


Image 11: OS compatibility.


Image 12: Creating a new tree.

To create a new tree, select the "Create a new domain in a forest" option and click "Next" to set up its name.


Image 13: Setting up a domain Qualified Name.

For this example we are going to use as the domain name.


Image 14: Setting the functional level for

This step will define the computers that will be able to become domain servers or delegate controllers.


Image 15: Additional options.

To make sure that other computers will be able to find this domain, make this machine a DNS server or use your default DNS server, mapping the domain name to the AD server's IP address.


Image 16: Defining database, log and SYSVOL path.

Here you can define the paths for the LDAP database, the log files and the SYSVOL. In most cases there is no need to change them.


Image 17: Setting up a Restore Mode password.

This password allows you to access the AD server's Restore Mode; it is not related to the LDAP admin password.


Image 18: Installation summary.


Image 19: Installation progress.


Image 20: Installation finished.


Creating a New User

Image 21: Creating new user Object.

Select the "Active Directory Users and Computers" option under the AD DS menu, then select your domain and right-click to create a new user object. Enter the user data and define a new password for the user. Then confirm the changes to finish the process.


Image 22: New User data.


Image 23: Defining user's password.


Image 24: Object Created.




This tutorial created an LDAP authentication environment. The authentication data for this example are:

DN DC=admartini,DC=scriptcase,DC=info
User Name CN=Henrique C. Barros,DC=admartini,DC=scriptcase,DC=info OR



Creating a simple LDAP Database on Linux.

Installing and configuring slapd

We are going to use OpenLDAP (slapd) to build an LDAP database accessible to the security module WITHOUT simulating an Active Directory. This tutorial will create an LDAP server and a single user for access.


Image 01: Installing slapd.

In a Debian-based system, we need to use apt-get to retrieve and install slapd.


Image 02: Using dpkg-reconfigure to change slapd settings.

After the installation, we must configure slapd. To do so, we use dpkg-reconfigure to change the slapd settings.


Image 03: Configuring slapd.

Select the "No" option and press Enter to continue.


Image 04: Defining domain name.

Choose your domain name.


Image 05: Defining organization name.

Type the organization name and press Enter to continue.


Image 06: Setting up admin password.

Define the admin password and press Enter to confirm it.


Image 07: Defining database engine backend.

This screen allows us to choose the database backend. We recommend using HDB. Press Enter to proceed and then choose to clean your previous DB.


Image 08: Purging previous DB.


Image 09: Moving old files.

Adding a new user

First of all, you must create an LDIF file containing the user's information:
user@computer:~$ touch hbarros.ldif

This is the content we are using for this sample file:


# Object 1: uid=hbarros,dc=admartini,dc=scriptcase,dc=info
dn: uid=hbarros,dc=admartini,dc=scriptcase,dc=info
objectclass: account
objectclass: simpleSecurityObject
objectclass: top
uid: hbarros
userpassword: {MD5}6jAUXhUfuutm7cbFC6oVUA==


Now we are ready to put it on the database itself.

Get admin rights:
user@computer:~$ su

Stop the slapd service:
root@computer:/home/user# /etc/init.d/slapd stop

Use slapadd to import the file:
root@computer:/home/user# slapadd -l /home/user/hbarros.ldif

Restart the service:
root@computer:/home/user# /etc/init.d/slapd start




This tutorial created an LDAP authentication environment. The authentication data for this example are:

DN DC=admartini,DC=scriptcase,DC=info
User Name UID=hbarros,DC=scriptcase,DC=info