These instructions are intended for new users who want to quickly learn how to use JoshuaTree Fortress and Symas OpenLDAP IAM software on Windows platform.

Follow them carefully and OpenLDAP will be installed, configured, loaded, and ready to use by Section IV

System Prerequisites

• Internet access to retrieve binary dependencies from online Maven repo.
• Java SDK Version 7 or beyond installed to target environment

• The binary dependencies are already present in FORTRESS_HOME/lib folder
• Local mode has been enabled on target machine. Local mode can be enabled by adding this property to build.properties: local.mode=true

Guidelines and Tips for first-time users

• In the document that follows, when you read [version] or [platform] substitute with current package info. For example - if the downloaded package version is 1.0.0 and platform is 'Debian Silver i386', the instructions show fortressBuilder-[platform]-[version].jar your file name would be fortressBuilder-Debian-Silver-i386-1.0.0.zip


• Does your target machine OS end with an X? Go to README-QUICKSTART.html


• The source code for this project is located in FORTRESS_HOME\src folder.

---

1. Instructions to extract and configure Fortress Builder Package to Target System

   1. Copy fortressBuilder-[platform]-[version].zip to hard drive on target server env.
   
   
   2. Extract the zip. The location for archive can vary according to requirements. The location of package will be referred to as FORTRESS_HOME later on.
   
   

---

2. Instructions to run the Fortress Ant Build

   1. From FORTRESS_HOME root folder, edit the b.bat script to point to java home:
      

      set JAVA_HOME=\Progra~1\Java\jdk1.7.0
      

   
   
   
   2. Run the distribution target:
      

      b.bat dist	    
      

      
      Note: The b.bat file referred to here uses Ant package that is local to Fortress quickstart package.
   
   
   3. Verify it ran correctly according to Ant:
      

      BUILD SUCCESSFUL
      

      
      
      
   You may now view the project binaries and documentation located under FORTRESS_HOME/dist.
   
   
   
   

---

3. Instructions to run the Builder to Install Symas OpenLDAP, configure and load with seed data

   Important: This target reinstalls and reloads the OpenLDAP server program, configuration and data.

   
   
   1. From FORTRESS_HOME root folder, edit the build.properties file, setting the 3 properties below to match your environment:
      

      
      slapd.exe.drive=C             <-- contains the drive letter for openldap server
      slapd.exe.dir=OpenLDAP        <-- contains the folder to load openldap server binaries
      fortress.home.drive=C         <-- contains the drive letter that you extracted fortress' builder package to.
      

      If you are not sure, what to use, the defaults usually work. Here's a screen shot of the build.properties.
      
      
      
      
   2. From FORTRESS_HOME root folder, enter the following command from a system prompt:

      b init-slapd
      

      
      Note: You will need to reply 'Yes' to the pop-up message:
      
      
      
      Note: You will need to reply 'Allow' to the pop-up security warning message if you intend to allow other machines to communicate with ldap server:
      
      
      
      
      
   3. Verify it ran correctly according to Ant.

      BUILD SUCCESSFUL
      

      
      
      
   4. After above step completes, Symas OpenLDAP will be installed, configured and loaded with fortress bootstrap config. This step also runs provisioning scripts which may be tailored according to requirements. Check out the xml load scripts in FORTRESS_HOME/ldap/setup folder.
      
      
   5. Point your preferred LDAP browser, ours is Apache Directory Studio, to the installed directory. The configuration parameters you'll need to browse can be found in the generated 'slapd.conf' file.
      
      To view data stored in default database:

      suffix	    "dc=jts,dc=us"
      rootdn      "cn=Manager,dc=jts,dc=us"
      rootpw      "secret"

      The root pw will be encrypted before stored in slapd.conf
      
      
      
      To view data stored in audit log database:

      suffix      "cn=log"
      rootdn      "cn=Manager,cn=log"
      rootpw      "secret"

      The log root pw will be encrypted before stored in slapd.conf
      
      
      
      

---

4. Instructions to regression test Fortress and Symas OpenLDAP on target machine

   1. From FORTRESS_HOME root folder, enter the following command from a system prompt:
      

      b test-full
      

   
   
   
   2. Verify these tests ran with no ERRORS.
      

      BUILD SUCCESSFUL	    
      

   
   
   
   3. To re-run these tests:
      

      b test-full
      

   Note 1: WARNING messages in test output are good as these are negative tests in action:
   
   
   Note 2: If you made it this far without junit or ant ERRORS, the Fortress and Symas OpenLDAP IAM system are certified to run on your machine.
   
   Note 3: These tests load tens of thousands of records into your newly installed directory. The 'init-slapd' target may be re-run after the 'test-full-init' and 'test-full' targets have completed. This will delete the test data from the directory and restart directory with a clean slate.

---

5. Instructions to run the Fortress Command Line Interpreter (CLI) utility (optional)

   This command line tool provides an interactive session with the user based on a simple command line syntax.
   
   
   1. To start the CLI, enter:

      b cli
      

      
      
      Which will bring up the command interpreter:
      
      
      
   2. enter the command:

      review fuser -u demo
      

      
      
      This example will return all users with userId that begins with 'demo':
      
      
      
      
   3. To learn more about the CLI and what it can do, follow instructions in the command line interpreter reference manual in the javadoc located here:
      
      Command Line Interpreter
      
      Note: if javadocs are not found, go to Section VII

---

6. Instructions to run Fortress Console (optional)

   For tasks like one-time setup of new users, password resets, searches the Fortress Console application can be used.
   
   
   1. From FORTRESS_HOME root folder, enter the following command from a system prompt:

      b console
      

      
      
      
   2. Console Screenshots...
      
      
      1. Main Menu:
         
         
      
      
      2. Enter choice and follow the screen prompts to edit RBAC data:
         
         
      
      
      3. Enter choice and follow the screen prompts to search RBAC data:
         
         
      
      
      4. Enter choice and follow the screen prompts to test RBAC policies:
         
         
      
      
      5. Enter choice and follow the screen prompts to setup ARBAC delegated policies:
         
         
      
      
      6. Enter choice and follow the screen prompts to search through the AUDIT log:
         

---

7. Instructions to generate and view Javadoc (optional)

   1. Run the javadoc target:

      b javadoc
      

      
      
      
   2. Navigate to where docs are genned:
   
   
   
   
   3. Open 'index.html' using your preferred HTML Browser:
   
   
   
   4. The javadoc provides coverage of the Fortress APIs and also provides explanations on how RBAC, ARBAC, PW Policies and Audit work.
   
   
   5. Good places to start learning about Fortress:
      
      
      • Fortress Manager Summary
      • RBAC Summary
      • Audit Manager
      • Command Line Interpreter
      • FortressAntTask

   ---

8. More Utilities

   Other execution targets you may find useful:
   
   
   1. 'test-samples' - contains examples of how the Fortress API's work check out the following javadoc for more info on the samples package: Samples Javadoc
   
   
   2. 'admin' - provides an XML-centric way to provision RBAC data policies and user accounts. check out the following javadoc for more info on this utility: Fortress Ant admin script utility document
   
   
   3. 'encrypt' - interface to jacypt encryption utility
   
   
   4. 'start-slapd' - Starts OpenLDAP on target machine.
   
   
   5. 'stop-slapd' - Stops OpenLDAP on target machine.
   Note: for slapd commands sudo or elevated privileges may be required.
   
   
   6. display all ant targets available: