Configuration
The Penrose Server configuration file is located at PENROSE_SERVER_HOME/conf/server.xml.
<server>

  <service name="JMX Service">
    <service-class>org.safehaus.penrose.management.PenroseJMXService</service-class>
  </service>

  <service name="LDAP Service">
    <service-class>org.safehaus.penrose.ldap.PenroseLDAPService</service-class>
  </service>

  <schema path="schema/autofs.schema"/>
  <schema path="schema/corba.schema"/>
  <schema path="schema/core.schema"/>
  <schema path="schema/cosine.schema"/>
  <schema path="schema/apache.schema"/>
  <schema path="schema/collective.schema"/>
  <schema path="schema/inetorgperson.schema"/>
  <schema path="schema/java.schema"/>
  <schema path="schema/krb5kdc.schema"/>
  <schema path="schema/nis.schema"/>
  <schema path="schema/system.schema"/>
  <schema path="schema/apachedns.schema"/>

  <adapter name="JDBC">
    <adapter-class>org.safehaus.penrose.connector.JDBCAdapter</adapter-class>
  </adapter>

  <adapter name="JNDI">
    <adapter-class>org.safehaus.penrose.connector.JNDIAdapter</adapter-class>
  </adapter>

  <partition name="DEFAULT" path="conf"/>

  <root>
    <root-dn>uid=admin,ou=system</root-dn>
    <root-password>secret</root-password>
  </root>

</server>
System Properties
See System Properties.
Services
See Services.
Schemas
See Schema.
Interpreter
See Interpreter.
Entry and Source Cache
See Cache.
Session Handler
See Session Handler.
Engine
See Engine.
Connector
See Connector.
Adapters
See Adapters.
Partitions
See Partitions.
Root DN and Password
The root user has full access to Penrose. When running Penrose in an embedded environment, you can set the root DN and password to anything you like.
If you are running Penrose as a stand-alone server (with the LDAP service enabled), there are some restrictions. The LDAP service contains some built-in entries under the ou=system suffix. These entries are stored in internal storage. To work with the LDAP service, the root DN must be "uid=admin,ou=system", and the password is initially set to "secret". When you start the Penrose server, the root password in server.xml is compared to the root password in the internal storage. If they don't match, the server will fail to start.
To change the root password in stand-alone mode, you need to bind to the server as "uid=admin,ou=system" and perform an ldapmodify operation as follows:
ldapmodify -h localhost -p 10389 -D uid=admin,ou=system -w <old password>
dn: uid=admin,ou=system
changetype: modify
replace: userPassword
userPassword: <new password>
This operation changes the password in the internal storage, not in server.xml. You also need to change the root password in server.xml manually so that you can start the server again later.
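The manual server.xml step described above, together with a check for the initial password, as an added example that is not part of the Penrose distribution. The function names audit_server_xml and set_root_password are hypothetical, and the script assumes the <root> layout shown in the server.xml listing on this page.

```python
import os, stat, tempfile
import xml.etree.ElementTree as ET

ROOT_DN = "uid=admin,ou=system"   # required in stand-alone mode (from the page)
INITIAL_PASSWORD = "secret"       # initial root password (from the page)

def audit_server_xml(path, standalone=True):
    """Return findings about the <root> credentials stored in server.xml."""
    root = ET.parse(path).getroot().find("root")
    if root is None:
        return ["no <root> element found"]
    findings = []
    dn = (root.findtext("root-dn") or "").strip()
    password = (root.findtext("root-password") or "").strip()
    if standalone and dn != ROOT_DN:
        findings.append("root-dn must be %s for the LDAP service" % ROOT_DN)
    if password == INITIAL_PASSWORD:
        findings.append("root-password is still the initial value")
    elif not password:
        findings.append("root-password is empty")
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("mode %o exposes the cleartext password to other accounts" % mode)
    return findings

def set_root_password(path, new_password):
    """Store new_password in <root-password>; leave the file owner-only."""
    tree = ET.parse(path)
    elem = tree.getroot().find("root/root-password")
    if elem is None:
        raise ValueError("no <root>/<root-password> in %s" % path)
    elem.text = new_password
    # Write a temp file beside server.xml, then rename, so no truncated file is left.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "wb") as out:
        tree.write(out, encoding="utf-8", xml_declaration=True)
    os.chmod(tmp, 0o600)
    os.replace(tmp, path)

if __name__ == "__main__":
    # Constructed sample holding only the <root> part of the page's server.xml.
    sample = ("<server><root><root-dn>uid=admin,ou=system</root-dn>"
              "<root-password>secret</root-password></root></server>")
    conf = os.path.join(tempfile.mkdtemp(), "server.xml")
    with open(conf, "w") as f:
        f.write(sample)
    print(audit_server_xml(conf))
    set_root_password(conf, "constructed-example-value")
    print(audit_server_xml(conf))
```

ElementTree does not preserve XML comments or a DOCTYPE declaration when it rewrites the file, so keep a backup of the original server.xml before running set_root_password on a real installation.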