Ldap – How Do I Configure ApacheDS LDAP Like AD

apache-ds ldap

I am trying to set up Apache DS to simulate my company Active Directory locally.
I have created a new partition to match. I then created an LDIF file to add users and groups.
e.g.

##Create the root domain
dn: dc=serverfault,dc=com
objectClass: domain
objectClass: top
dc: serverfault

##Create Users and Groups roots
dn: ou=Users,dc=serverfault,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users

dn: ou=Groups,dc=serverfault,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Groups

##Add users
dn: cn=Jeff Atwood,ou=Users,dc=serverfault,dc=com
objectclass: inetOrgPerson
cn: Jeff Atwood
sn: Atwood
userPrincipalName: Jeff.Atwood@serverfault.com

dn: cn=Joel Spolsky,ou=Users,dc=serverfault,dc=com
objectclass: inetOrgPerson
cn: Joel Spolsky
sn: Spolsky
userPrincipalName: Joel.Spolsky@serverfault.com

##Add groups
dn: CN=Dev,ou=Groups,dc=serverfault,dc=com
objectClass: groupOfNames
cn: Dev
member: cn=Jeff Atwood,ou=Users,dc=serverfault,dc=com
member: cn=Joel Spolsky,ou=Users,dc=serverfault,dc=com

However, this fails because "ATTRIBUTE_TYPE for OID userprincipalname does not exist!" (If I take out the userPrincipalName lines, everything is fine.)

It is listed as an attribute on the Microsoft site https://msdn.microsoft.com/en-us/library/ms682282(v=vs.85).aspx, which makes me think that it is just not included in the default schema in ApacheDS.

I'd rather not manually add each failed attribute or object class using the GUI.

Is there a way to script it, similar to using LDIF?

Best Answer

I know this is old, but I was looking for something similar and I managed to emulate AD groups/roles in Apache DS by using the schemas (starting with microsoft) from this GitHub project: https://github.com/dkoudela/active-directory-to-openldap/tree/master/schema

I imported them into Apache DS (using the schema editor) and I was then able to create users with the sAMAccountName, userPrincipalName & memberOf properties that I needed to replicate the target AD configuration.
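
An added pre-flight check, not part of the original question or answer: it parses an LDIF file and lists every attribute type the target schema does not define, so all the gaps (such as userPrincipalName) show up in one pass instead of one failed import at a time. The names `parse_ldif`, `missing_attributes` and `KNOWN_ATTRIBUTES` are hypothetical, and the attribute set is a constructed subset standing in for the server's real schema.

```python
from collections import defaultdict

# Constructed subset of standard attribute types (assumption: in practice,
# use the full list exported from the target server's schema).
KNOWN_ATTRIBUTES = {"objectclass", "dc", "ou", "cn", "sn", "member", "uid", "mail"}

# Constructed sample modelled on the LDIF in the question.
SAMPLE_LDIF = """\
##Add users
dn: cn=Jeff Atwood,ou=Users,dc=serverfault,dc=com
objectclass: inetOrgPerson
cn: Jeff Atwood
sn: Atwood
userPrincipalName: Jeff.Atwood@serverfault.com

dn: cn=Joel Spolsky,ou=Users,dc=serverfault,dc=com
objectclass: inetOrgPerson
cn: Joel Spolsky
sn: Spolsky
userPrincipalName: Joel.Spolsky@serverfault.com
sAMAccountName: jspolsky
"""

def parse_ldif(text):
    """Yield (dn, [attribute names]) for each entry in an LDIF string."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold continued lines
    dn, names = None, []
    for line in text.split("\n") + [""]:    # trailing blank flushes the last entry
        if line.startswith("#"):            # LDIF comment
            continue
        if not line.strip():                # blank line ends an entry
            if dn is not None:
                yield dn, names
            dn, names = None, []
            continue
        name, _, value = line.partition(":")
        if name.lower() == "dn":
            dn = value.strip()
        else:
            names.append(name.split(";")[0])  # drop options such as ";binary"

def missing_attributes(text, known=KNOWN_ATTRIBUTES):
    """Map each attribute type not in `known` to the DNs that use it."""
    missing = defaultdict(list)
    for dn, names in parse_ldif(text):
        for name in dict.fromkeys(n for n in names if n.lower() not in known):
            missing[name].append(dn)
    return dict(missing)
```

Calling `missing_attributes(SAMPLE_LDIF)` returns the undefined attribute types with the entries that use them, which is the list of definitions the imported schema has to supply.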