Permalink
Browse files

Added README, and basic instructions on bringing up slapd.

  • Loading branch information...
ccontavalli committed Apr 3, 2013
1 parent 3a9dada commit e939868b5d9a54ccca044a9f28cdf7d39370adbb
Showing with 107 additions and 43 deletions.
  1. +83 −0 README.md
  2. 0 {conf → examples}/base.ldiff
  3. +24 −43 examples/slapd.conf
View
@@ -0,0 +1,83 @@
What is this?
=============
ldap-torture is a set of perl libraries and tools to torture your ldap
installation, and verify that it is up to your production standards!
When we say torture we really mean send randomized search, inserts,
delete, moves, ... with an high degree of configurability, with the
idea of producing a load that might be similar to what you will experience
in your production environment.
The focus of the tool is in correctness and finding problems: for each
operation, it verifies that the result is as expected, or close enough
to what is expected. It reports crashes or unexpected results.
If you need a loadtest instead, verifying how many requests per seconds
your ldap installation can take, this might not be the right tool. However,
it might be a reasonable starting point.
It was written a long time ago, around 2004, and used a few times
since, and finally uploaded on a public repository.
Getting started
===============
We assume here that you have a Debian based system, you want to test
openldap, and you are ok with using the included example config file.
For other systems, the instructions here should be enough to get you
started.
1) Install openldap and useful tools:
$ sudo apt-get install slapd ldap-utils
2) Create a database directory (has to be the same one specified in
your slapd.conf file):
$ mkdir -p /tmp/slapd
3) Create an empty ldap database with basic data:
$ /usr/sbin/slapadd -f ./examples/slapd.conf < ./examples/base.ldiff
4) Start slapd. I generally suggest to start it with debugging enabled
until you can get it running successfully:
$ /usr/sbin/slapd -d'Any' -f./examples/slapd.conf -h "ldap://127.0.0.1:9009/"
Note that this will start slapd listening on port 9009 on localhost
only.
5) Verify that slapd is up and running:
$ ldapsearch -x -H "ldap://127.0.0.1:9009/" -b dc=test,dc=it
Note that slapd has been configured to ask for no password. An error here
most likely means that slapd had some trouble starting. Errors are not
always well reported by slapd, you might find the information you need
to troubleshoot by scrolling up the screen where you started slapd,
or checking /var/log/syslog (as root).
6) Once ldapsearch succeeds, you are ready to rock! you probably want
to killall -TERM slapd, and restart it without -d Any, so to avoid
spamming your screen.
7) Run ldap-torture.
Issues? Questions? Updates?
===========================
Please use the github pages. In particular, you can find:
* Latest tarball and all previous versions:
https://github.com/ccontavalli/ldap-torture/tags
* Latest source code:
https://github.com/ccontavalli/ldap-torture/
* Report issues / ask questions:
https://github.com/ccontavalli/ldap-torture/issues
File renamed without changes.
View
@@ -14,34 +14,34 @@ allow bind_v2 bind_anon_cred bind_anon_dn update_anon
include /etc/ldap/schema/core.schema
## pigeonair required schemes
include /etc/ldap/pigeonair/generic.schema
include /etc/ldap/pigeonair/domains.schema
## modules schema
include /etc/ldap/pigeonair/mailStore.schema
include /etc/ldap/pigeonair/mailForward.schema
include /etc/ldap/pigeonair/mailHidden.schema
include /etc/ldap/pigeonair/mailAlias.schema
include /etc/ldap/pigeonair/mailAntivirus.schema
include /etc/ldap/pigeonair/mailNewsletter.schema
include /etc/ldap/pigeonair/mailSanitizer.schema
include /etc/ldap/pigeonair/mailVacation.schema
include /etc/ldap/pigeonair/mailAntispam.schema
#include /etc/ldap/pigeonair/generic.schema
#include /etc/ldap/pigeonair/domains.schema
#
### modules schema
#include /etc/ldap/pigeonair/mailStore.schema
#include /etc/ldap/pigeonair/mailForward.schema
#include /etc/ldap/pigeonair/mailHidden.schema
#include /etc/ldap/pigeonair/mailAlias.schema
#include /etc/ldap/pigeonair/mailAntivirus.schema
#include /etc/ldap/pigeonair/mailNewsletter.schema
#include /etc/ldap/pigeonair/mailSanitizer.schema
#include /etc/ldap/pigeonair/mailVacation.schema
#include /etc/ldap/pigeonair/mailAntispam.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on
#schemachecking on
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid
pidfile /tmp/slapd/slapd.pid
# List of arguments that were passed to the server
argsfile /var/run/slapd.args
argsfile /tmp/slapd/slapd.args
# Read slapd.conf(5) for possible values
loglevel 0
@@ -50,13 +50,12 @@ loglevel 0
modulepath /usr/lib/ldap
moduleload back_hdb
#######################################################################
# Specific Backend Directives for bdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend hdb
checkpoint 1024 30
cachesize 10000
#backend hdb
#######################################################################
# Specific Backend Directives for 'other':
@@ -71,10 +70,13 @@ cachesize 10000
database hdb
# The base of your directory in database #1
suffix "dc=pippo,dc=it"
suffix "dc=test,dc=it"
checkpoint 1024 30
cachesize 10000
# Where the database file are physically stored for database #1
directory "/var/lib/ldap/deliver"
directory "/tmp/slapd/"
# Indexing options for database #1
index objectClass eq
@@ -90,11 +92,7 @@ lastmod on
# Others should not be able to see it, except the
# admin entry below
# These access lines apply to database #1 only
access to attrs=userPassword
by dn="cn=admin,dc=pippo,dc=it" write
by anonymous auth
by self write
by * none
access to * by * write
# Ensure read access to the base for things like
# supportedSASLMechanisms. Without this you may
@@ -127,20 +125,3 @@ access to *
# The base of your directory for database #2
#suffix "dc=debian,dc=org"
database hdb
# The base of your directory in database #1
suffix "dc=test,dc=it"
# Where the database file are physically stored for database #1
directory "/var/lib/ldap/tester"
# Indexing options for database #1
index objectClass eq
# Save the time that the entry gets modified, for database #1
lastmod on
access to * by * write

0 comments on commit e939868

Please sign in to comment.