Provider Registry Server Install Notes: Difference between revisions

From IHRIS Wiki
(34 intermediate revisions by 2 users not shown)
Line 20: Line 20:

Link to bzr:
Link to bzr (Ubuntu):
<source lang='bash'>
<source lang='bash'>
sudo cp [ ~/rhea-pr/ldap/provider.schema] /etc/ldap/schema
sudo cp ~/rhea-pr/ldap/provider.schema /etc/ldap/schema
sudo chmod 644 /etc/ldap/schema/provider.schema
sudo chmod 644 /etc/ldap/schema/provider.schema
sudo chown root:root /etc/ldap/schema/provider.schema
sudo chown root:root /etc/ldap/schema/provider.schema
sudo cp [ ~/rhea-pr/ldap/slapd.conf] /etc/ldap/slapd.conf   
sudo cp ~/rhea-pr/ldap/slapd.conf /etc/ldap/slapd.conf   
sudo chmod 644 /etc/ldap/slapd.conf
sudo chmod 644 /etc/ldap/slapd.conf
sudo chown openldap:openldap /etc/ldap/slapd.conf
sudo chown openldap:openldap /etc/ldap/slapd.conf
<source lang='bash'>
sudo mv /etc/ldap/slapd.d /etc/ldap/slapd.d.backup_`date +"%d_%m_%y"`
sudo mv /etc/ldap/slapd.d /etc/ldap/slapd.d.backup_`date +"%d_%m_%y"`
sudo mkdir /etc/ldap/slapd.d   
sudo mkdir -p /etc/ldap/slapd.d   
sudo chown -R openldap:openldap /etc/ldap/slapd.d
sudo chown -R openldap:openldap /etc/ldap/slapd.d
sudo chmod 755 /etc/ldap/slapd.d
sudo chmod 755 /etc/ldap/slapd.d
Line 40: Line 36:
sudo /etc/init.d/slapd start
sudo /etc/init.d/slapd start
Note source files are:
*[ ldap/provider.schema]
*[ lpap/slapd.conf]

==Load Base Organizational Units==
==Load Base Organizational Units==
Saved in bzr file [ ldap/base_organizational_units.ldif]
Saved in bzr file [ ldap/base_organizational_units.ldif]

<source lang='bash'>
<source lang='bash'>
sudo /etc/init.d/slapd stop
sudo /etc/init.d/slapd stop
sudo -su openldap slapadd -l base_organizational_units.ldif
sudo -su openldap slapadd -l ~/rhea-pr/ldap/base_organizational_units.ldif
sudo /etc/init.d/slapd start
sudo /etc/init.d/slapd start

==Load User Data==
Saved in bzr file [ ldap/admin_pass.ldif]

==Changing admin password==
Saved in bzr file [ ldap/admin_pass.ldif]
We need to copy and edit in a new location because we will set the password
Generate admin password:
<source lang='bash'>
<source lang='bash'>
sudo /etc/init.d/slapd stop
sudo -su openldap slapadd -l ~/rhea-pr/ldap/admin_pass.ldif
sudo /etc/init.d/slapd start
should give you something like:
New password:
Re-enter password:
Now we need to add this to the admin_pass.ldif by changing:

==Load Sample iHRIS Data==
userPassword: {SSHA}GjvNQ/pWBDY568jLRFPoTNJsuKTohwrA
Saved in bzr file [ ldap/ihris_sample_export.ldif]
userPasswrod: {SSHA}d2BamRTgBuhC6SxC0vFGWol31ki8iq5m

<source lang='bash'>
<source lang='bash'>
sudo /etc/init.d/slapd stop
sudo /etc/init.d/slapd stop
sudo -su openldap slapadd -l admin_pass.ldif
sudo -su openldap slapadd -l ~/rhea-pr/ldap/ihris_sample_export.ldif
sudo /etc/init.d/slapd start
sudo /etc/init.d/slapd start

==Load Sample iHRIS Data==
==OpenLDAP Web Services==
Saved in bzr file [ ldap/ihris_sample_export.ldif]
Do a:
<source lang='bash'>
ln -s ~/rhea-pr/webservices /var/www
You will also need to set the passwords in the files:
Now webservices will be on http://localhost/webservices. These include:
*[http://localhost/webservices/api.php  Self Documenting API]
*[http://localhost/webservices/lookupbyid/epid?id_type=NID&id_number=5871571 lookupbyid/epid]
*[http://localhost/webservices/lookupbyid/nid?id_type=EPID&id_number=5fb07976-64dd-1031-9146-79bc5f92ba24 lookupbyid/nid] Note that this one may not return a result as the EPID may not be in your sample data

<source lang='bash'>
Currently the EC2 instance is at so you should be able to access the webservices here:
sudo /etc/init.d/slapd stop
sudo -su openldap slapadd -l ihris_sample_export.ldif
sudo /etc/init.d/slapd start
*  Note that this one may not return a result as the EPID may not be in your sample data

==Testing Data Load==
===Getting sample NIDs===
For a list of valid NIDs to search on you can do:
<source lang='bash'>
<source lang='bash'>
ldapsearch -xLLL -b "dc=moh,dc=gov,dc=rw" uid=person\|9049
grep ^nid ~/rhea-pr/ldap/ihris_sample_export.ldif | awk -F": " '{print $2}'
should produce something like
which should return a list of (randomly generated) NIDs starting with:
dn: uid=person|9049,ou=paid_public_sector,dc=moh,dc=gov,dc=rw
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: providerPerson
uid: person|9049
cn: Prout Biawriav
givenName: Prout
sn:: Qmlhd3JpYXYg
nid:: MSA=
mutuelle: 2
employeeType:: UGFpZCBQdWJsaWMgU2VjdG9yIA==
c:: VEYg
co: Taifafeki
So for example, you can lookup the EPID of someone with NID 3525410 by:
==OpenLDAP Web User Interface==
The administrative web interface is here:
E-mail Carl Leinter ( if you need the password for the EC2 instance.

==OpenLDAP Web Services==
For example, you can see (the first 25) of your providers [*&display_attrs=cn%2C+sn%2C+uid%2C+postalAddress%2C+telephoneNumber&orderby=&search=Search here]
Do a "ln -s /path/to/bzr/webservices /var/www"  and the webservices will be on http://localhost/webservices. These include:

==OpenLDAP Web User Interface==

Use for your login:
and the password is what you chose above

Note, the DN (distinguished name) your should use is:
You need to edit the file "/etc/phpldapadmin/config.php" to change the login bind_id to:
<source lang='php'>
you also need to set the server base to:
<source lang='php'>

You can see all of your providers [http://localhost/phpldapadmin/cmd.php?cmd=query_engine&server_id=1&query=none&format=list&showresults=na&base=dc%3Dmoh%2Cdc%3Dgov%2Cdc%3Drw&scope=sub&filter=objectClass%3D*&display_attrs=cn%2C+sn%2C+uid%2C+postalAddress%2C+telephoneNumber&orderby=&size_limit=50&search=Search here]
Use for your login the password you chose above.

Line 152: Line 161:
Shortest transaction:         0.00
Shortest transaction:         0.00
==Simplified User Interface==
The simplified user interface can be accessed here:
*bootstrap css has been incorporated. 
*Rwanda administrative units have been incorporated
*Rwanda facilities have been incorporated
*provider demographic and posting data structure  implemented
*search functionality is implemented.
===Install Instructions===
*Install the [[Linux (Ubuntu) Installation - Supporting Software]]
*bzr branch lp:i2ce ~/I2CE
*bzr branch lp:ihris-common ~/ihris-common
*Edit the ~/rhea-pr/UserInterface/pages/local/config.values.php as needed (XXXX = user name)
**$i2ce_site_i2ce_path = "/home/XXXX/I2CE";
$i2ce_site_dsn = 'mysql://rhea:YYYY@unix(/var/run/mysqld/mysqld.sock)/rhea_pr' ;;
$i2ce_site_module_config = "/home/XXXX/rhea-pr/UserInterface/Provider-Registry-Rwanda.xml";
==OS X==
See [[Mac_Install_Notes]] before starting, in particular the LDAP section
<source lang='bash'>
sudo launchctl stop org.openldap.slapd
sudo cp ~/rhea-pr/ldap/provider.schema /etc/openldap/schema
sudo chmod 644 /etc/openldap/schema/provider.schema
sudo chown root:wheel /etc/openldap/schema/provider.schema
sudo cp  ~/rhea-pr/ldap/slapd.conf.osx /etc/openldap/slapd.conf 
sudo chmod 644 /etc/openldap/slapd.conf
sudo chown root:wheel /etc/openldap/slapd.conf
sudo mv /etc/openldap/slapd.d /etc/openldap/slapd.d.backup_`date +"%d_%m_%y"`
sudo mkdir -p /etc/openldap/slapd.d 
sudo chown -R root:wheel /etc/openldap/slapd.d
sudo chmod 755 /etc/openldap/slapd.d
sudo slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
sudo chown -R root:wheel /etc/openldap/slapd.d
sudo -su root slapadd -l ~/rhea-pr/ldap/admin_pass.ldif
sudo -su root slapadd -l ~/rhea-pr/ldap/base_organizational_units.ldif
sudo -su root slapadd -l ~/rhea-pr/ldap/ihris_sample_export.ldif
sudo launchctl start org.openldap.slapd

Latest revision as of 04:15, 18 March 2013

Installation and configuration notes on Ubuntu 12.04 (Precise).

All files are in hosted on launchpad


Installation instructions for Amazon EC2 instance running Ubuntu 12.04 LTS 64-bit w/ PHP 5.3 and key/pair in the file ~/.ssh/ec2-pr.pem <source lang='bash'> ssh -i ~/.ssh/ec2-pr.pem -l ubuntu sudo apt-get install bzr slapd ldap-utils phpldapadmin cd ~/ bzr branch lp:rhea-pr </source> Note, you will be asked for the administrator password for ldap.

Configure Custom Schema

See this for more detailed explanations.

<source lang='bash'> sudo /etc/init.d/slapd stop </source>

Link to bzr (Ubuntu): <source lang='bash'> sudo cp ~/rhea-pr/ldap/provider.schema /etc/ldap/schema sudo chmod 644 /etc/ldap/schema/provider.schema sudo chown root:root /etc/ldap/schema/provider.schema sudo cp ~/rhea-pr/ldap/slapd.conf /etc/ldap/slapd.conf sudo chmod 644 /etc/ldap/slapd.conf sudo chown openldap:openldap /etc/ldap/slapd.conf sudo mv /etc/ldap/slapd.d /etc/ldap/slapd.d.backup_`date +"%d_%m_%y"` sudo mkdir -p /etc/ldap/slapd.d sudo chown -R openldap:openldap /etc/ldap/slapd.d sudo chmod 755 /etc/ldap/slapd.d sudo slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d sudo chown -R openldap:openldap /etc/ldap/slapd.d sudo /etc/init.d/slapd start </source> Note source files are:

Load Base Organizational Units

Saved in bzr file ldap/base_organizational_units.ldif

<source lang='bash'> sudo /etc/init.d/slapd stop sudo -su openldap slapadd -l ~/rhea-pr/ldap/base_organizational_units.ldif sudo /etc/init.d/slapd start </source>

Load User Data

Saved in bzr file ldap/admin_pass.ldif

<source lang='bash'> sudo /etc/init.d/slapd stop sudo -su openldap slapadd -l ~/rhea-pr/ldap/admin_pass.ldif sudo /etc/init.d/slapd start </source>

Load Sample iHRIS Data

Saved in bzr file ldap/ihris_sample_export.ldif

<source lang='bash'> sudo /etc/init.d/slapd stop sudo -su openldap slapadd -l ~/rhea-pr/ldap/ihris_sample_export.ldif sudo /etc/init.d/slapd start </source>

OpenLDAP Web Services

Do a: <source lang='bash'>

ln -s ~/rhea-pr/webservices /var/www

</source> You will also need to set the passwords in the files:

  • ~/rhea-pr/webservices/test.php
    • ~/rhea-pr/webservices/lookupbyid/epidtest.php

Now webservices will be on http://localhost/webservices. These include:

Currently the EC2 instance is at so you should be able to access the webservices here:

Getting sample NIDs

For a list of valid NIDs to search on you can do: <source lang='bash'> grep ^nid ~/rhea-pr/ldap/ihris_sample_export.ldif | awk -F": " '{print $2}' </source> which should return a list of (randomly generated) NIDs starting with:


So for example, you can lookup the EPID of someone with NID 3525410 by:

OpenLDAP Web User Interface

The administrative web interface is here:

E-mail Carl Leinter ( if you need the password for the EC2 instance.

For example, you can see (the first 25) of your providers here


You need to edit the file "/etc/phpldapadmin/config.php" to change the login bind_id to: <source lang='php'> $servers->setValue('login','bind_id','cn=admin,dc=moh,dc=gov,dc=rw'); </source> you also need to set the server base to: <source lang='php'> $servers->setValue('server','base',array('dc=moh,dc=gov,dc=rw')); </source>

Use for your login the password you chose above.


Test throughput with siege: <source lang='bash'>

 siege -c50 -t1M   http://localhost/webservices/lookupbyid/epid/?id_type=NID\&id_number=5871571 

</source> test 50 concurrent users for one minute on an HP Envy 13 gives:

Transactions:		        5845 hits
Availability:		      100.00 %
Elapsed time:		       59.89 secs
Data transferred:	        0.15 MB
Response time:		        0.02 secs
Transaction rate:	       97.60 trans/sec
Throughput:		        0.00 MB/sec
Concurrency:		        1.57
Successful transactions:        5845
Failed transactions:	           0
Longest transaction:	        0.20
Shortest transaction:	        0.00

Simplified User Interface

The simplified user interface can be accessed here:
  • bootstrap css has been incorporated.
  • Rwanda administrative units have been incorporated
  • Rwanda facilities have been incorporated
  • provider demographic and posting data structure implemented
  • search functionality is implemented.

Install Instructions

  • Install the Linux (Ubuntu) Installation - Supporting Software
  • bzr branch lp:i2ce ~/I2CE
  • bzr branch lp:ihris-common ~/ihris-common
  • Edit the ~/rhea-pr/UserInterface/pages/local/config.values.php as needed (XXXX = user name)
    • $i2ce_site_i2ce_path = "/home/XXXX/I2CE";

$i2ce_site_dsn = 'mysql://rhea:YYYY@unix(/var/run/mysqld/mysqld.sock)/rhea_pr' ;; $i2ce_site_module_config = "/home/XXXX/rhea-pr/UserInterface/Provider-Registry-Rwanda.xml";


See Mac_Install_Notes before starting, in particular the LDAP section

<source lang='bash'> sudo launchctl stop org.openldap.slapd sudo cp ~/rhea-pr/ldap/provider.schema /etc/openldap/schema sudo chmod 644 /etc/openldap/schema/provider.schema sudo chown root:wheel /etc/openldap/schema/provider.schema sudo cp ~/rhea-pr/ldap/slapd.conf.osx /etc/openldap/slapd.conf sudo chmod 644 /etc/openldap/slapd.conf sudo chown root:wheel /etc/openldap/slapd.conf sudo mv /etc/openldap/slapd.d /etc/openldap/slapd.d.backup_`date +"%d_%m_%y"` sudo mkdir -p /etc/openldap/slapd.d sudo chown -R root:wheel /etc/openldap/slapd.d sudo chmod 755 /etc/openldap/slapd.d sudo slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d sudo chown -R root:wheel /etc/openldap/slapd.d sudo -su root slapadd -l ~/rhea-pr/ldap/admin_pass.ldif sudo -su root slapadd -l ~/rhea-pr/ldap/base_organizational_units.ldif sudo -su root slapadd -l ~/rhea-pr/ldap/ihris_sample_export.ldif sudo launchctl start org.openldap.slapd </source>