
intraPerson Configuration


Installation

intraPerson is available as a source tar or as an rpm. The rpm is specific to Fedora and has not been tested with other rpm-compatible Linux distributions. On those distributions I recommend compiling the source with the standard procedure of configure, make and make install.

When installing from the source tar package there is one additional step apart from compiling: running the config.sh shell script. This script performs the following actions:

  • Creates intraperson user and group.

  • Creates directory /etc/intraperson.

  • Installs iperson.conf configuration file.

  • Generates SSL certificates.

  • Creates lock directory in /var/lock.

The script is available in the confighelp directory of the source tar distribution.

A sample invocation looks like this:

# sh config.sh

Using default config directory /etc/intraperson
 
Trying to add intraperson user
done...
 
Trying to add intraperson group
groupadd: group intraperson exists
 
Creating configuration file...
 
Creating lock dir /var/lock/intraperson
done...
 
Creating SSL certificates
Generating a 1024 bit RSA private key
.......++++++
............................++++++
writing new private key to '/etc/intraperson/key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
 

Note

config.sh does not require any input from the user.

Note

When installed from the rpm there is no need to run this script, as the rpm itself performs all these actions.

Configuration

Once OpenLDAP is up and running, configuring intraPerson is very easy. Only three configuration directives in iperson.conf need to be changed for a minimal configuration. Here are the contents of iperson.conf:

#################################################################
#
#		Configuration file for intraPerson
#
#	Lines starting with #,; are comments.
#	Double quotes are ignored.

# SSL certs are must. intraPerson will not start otherwise.
# Must be absolute path.

# Private cert
ssl private	= /etc/intraperson/key.pem

# Public cert
ssl certificate	= /etc/intraperson/ip.pem


# ldap server location.
# ldaps:/// and ldapi:/// also can be used. ldapi:/// is prefered.
# Default is to connect to local host on 389 port.
ldap server 	= ldap://127.0.0.1:389/

# copy these values from working slapd.conf file 'as is'.
suffix		= dc=example,dc=com
rootdn		= cn=manager,dc=example,dc=com

# where to listen for incomming http connections?
# multiple ips are allowed but only one port accepted.
listen ip	= 127.0.0.1
listen port	= 8082

#mail domain for your site
mail domain	= example.com

#lock dir
lock dir	= /var/lock/intraperson

###############################################################

Among the configuration directives, the following need to be changed:

# copy these values from working slapd.conf file 'as is'.
suffix		= dc=example,dc=com
rootdn		= cn=manager,dc=example,dc=com

These values are the same as in OpenLDAP's slapd.conf. Just copy them from a working slapd.conf.

The one that needs a little attention is mail domain. Set it to the domain part of the mail addresses used in your organization or intranet.

#mail domain for your site
mail domain	= example.com
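
The three required changes can be checked before the daemon is started. The following is an added example, not part of intraPerson: it parses iperson.conf text and reports directives left at the shipped example values, relative SSL paths, and a plain ldap:// URL pointing at a non-local host. The function names and the sample are constructed here, and it assumes '#' and ';' are the comment characters.

```python
import re

# Constructed sample based on the page's values; rootdn is quoted on purpose
# to exercise the "double quotes are ignored" rule.
SAMPLE = """\
# copy these values from working slapd.conf file 'as is'.
ssl private     = /etc/intraperson/key.pem
ssl certificate = /etc/intraperson/ip.pem
ldap server     = ldap://127.0.0.1:389/
suffix          = dc=example,dc=com
rootdn          = "cn=manager,dc=example,dc=com"
mail domain     = example.com
"""

LOCAL_HOSTS = {"", "127.0.0.1", "localhost", "[::1]"}

def parse_conf(text):
    """Return {directive: value}. Assumes '#' and ';' start comment lines."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, _, value = line.partition("=")   # split once: DN values contain '='
        conf[" ".join(key.split())] = value.replace('"', "").strip()
    return conf

def audit(conf):
    """Return a list of findings for a parsed iperson.conf."""
    findings = []
    for key in ("ssl private", "ssl certificate"):
        if not conf.get(key, "").startswith("/"):
            findings.append(f"{key}: missing or not an absolute path")
    suffix, rootdn = conf.get("suffix", ""), conf.get("rootdn", "")
    if suffix in ("", "dc=example,dc=com"):
        findings.append("suffix: unset or still the shipped example value")
    if not rootdn.lower().endswith("," + suffix.lower()):
        findings.append("rootdn: does not end with suffix")
    if conf.get("mail domain", "example.com") == "example.com":
        findings.append("mail domain: unset or still the shipped example value")
    # A missing directive falls back to the documented default (local host, port 389).
    url = conf.get("ldap server", "ldap://127.0.0.1:389/")
    m = re.match(r"(ldaps?|ldapi)://(\[[^\]]*\]|[^:/]*)", url)
    if not m:
        findings.append("ldap server: not an ldap://, ldaps:// or ldapi:// URL")
    elif m.group(1) == "ldap" and m.group(2) not in LOCAL_HOSTS:
        findings.append("ldap server: plain ldap:// to a non-local host")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_conf(SAMPLE))))
```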

Starting the daemon

If it was installed from the rpm on a Fedora distribution, just do:

[root@krishna root]# service intraperson start
[root@krishna root]# chkconfig intraperson on

If it was compiled from source, it can be started from the command prompt as:

[root@krishna root]# intraperson -c /etc/intraperson/iperson.conf \
					-u intraperson \
					-g intraperson

First login

The first login to intraPerson is special because the first login by the ldap root user initializes the ldap databases with the required ldap base entries.

Once intraPerson has started, connect to port 8082 with your browser. First log in as ldap root. If rootdn is given as "cn=manager,dc=example,dc=com" in slapd.conf, then log in with the name manager. For the password, use the password that was given to rootpw in slapd.conf.

Tip

Refer back to the OpenLDAP configuration if necessary.



Contact: ramana at intraperson dot com
