A tip for ForgeRock OpenDJ


Normally, after installing OpenDJ, every command we run from $OpenDJ_Path/bin has to be given connection parameters such as hostname, baseDN and so on. For example:

./ldapsearch --hostname localhost --port 1389 --baseDN="ou=people,dc=example,dc=com" --bindDN="cn=directory manager" --bindPassword=yourpassword  uid=* dn
dn: uid=user.0,ou=people,dc=example,dc=com

dn: uid=user.1,ou=people,dc=example,dc=com

dn: uid=user.2,ou=people,dc=example,dc=com

dn: uid=user.3,ou=people,dc=example,dc=com

This is annoying and unsafe, because the user and password are in plain text and can be read back from the shell history.

We can apply a tip to solve this problem:

./ldapsearch uid=* dn
dn: uid=user.0,ou=people,dc=example,dc=com

dn: uid=user.1,ou=people,dc=example,dc=com

dn: uid=user.2,ou=people,dc=example,dc=com

dn: uid=user.3,ou=people,dc=example,dc=com

The secret is to add a tools.properties file under ~/.opendj:

cat ~/.opendj/tools.properties
hostname=localhost
port=4444
bindDN=cn=Directory Manager
bindPassword=yourpassword
baseDN=ou=people,dc=example,dc=com
searchScope=sub
ldapsearch.port=1389
ldapcompare.port=1389
ldapmodify.port=1389
ldapdelete.port=1389
trustall=true

The location ~/.opendj works for every version of OpenDJ I tested. For OpenDJ 2.x, we can also put the tools.properties under $OpenDJ_Path/config/tools.properties
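
The properties file takes the password off the command line but now keeps it, together with trustall=true, on disk. The script below is an added example (not from the original post) that checks such a file for group/other access, a clear-text bindPassword and trustall=true; the function name, finding labels and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an OpenDJ tools.properties file.
# Prints one finding per line and nothing when the file is clean.
audit_tools_properties() {
    f=${1:-"$HOME/.opendj/tools.properties"}
    [ -f "$f" ] || { echo "MISSING: $f"; return 0; }

    # Characters 5-10 of the ls mode string are the group/other bits;
    # anything but "------" lets other local accounts reach the file.
    go_bits=$(ls -ld "$f" | cut -c5-10)
    [ "$go_bits" = "------" ] ||
        echo "PERMS: $f is open to group/other ($go_bits), use chmod 600"

    # A bindPassword entry, plain or tool-prefixed like the page's
    # ldapsearch.port, keeps the credential in clear text.
    # Only the key is reported, never the value.
    if grep -Eiq '^[[:space:]]*([a-z-]+\.)?bindPassword[[:space:]]*=' "$f"; then
        echo "CLEARTEXT: bindPassword is stored in $f"
    fi

    # trustall=true makes the tools accept any server certificate.
    if grep -Eiq '^[[:space:]]*([a-z-]+\.)?trustall[[:space:]]*=[[:space:]]*true' "$f"; then
        echo "TRUSTALL: server certificates are not verified"
    fi
}

# Constructed sample mirroring the file shown above, in a temp directory.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'hostname=localhost' 'port=4444' \
        'bindDN=cn=Directory Manager' 'bindPassword=yourpassword' \
        'ldapsearch.port=1389' 'trustall=true' > "$d/tools.properties"
    chmod 644 "$d/tools.properties"
    audit_tools_properties "$d/tools.properties"
    rm -rf "$d"
}
demo
```

Run with no argument, `audit_tools_properties` checks ~/.opendj/tools.properties; pass a path to check the OpenDJ 2.x location instead.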

references:

https://opendj.forgerock.org/doc/admin-guide/index/appendix-file-layout.html

https://docs.oracle.com/cd/E19450-01/820-6171/using-a-properties-file.html