diff --git a/dockerlog b/dockerlog deleted file mode 100644 index cd0dbbb..0000000 --- a/dockerlog +++ /dev/null @@ -1,174 +0,0 @@ -$ sudo docker run -i -t -p 389:389 -p 636:636 -p 80:80 -p 443:443 -h ${LDAP_HOST:-example.com} -v ldap_data:/var/lib/ldap -v ldap_config:/etc/ldap/slapd.d -v ldap_certs:/etc/ldap/certs -v $(pwd)/hosts-certs:/export-certs ldapdock ---> Using LDAP base DN: dc=example,dc=com ---> Starting ldapdock 0.10 ---> Temporarily relaxing security for init ---> Starting temporary slapd ---> Adding base structure -adding new entry "dc=example,dc=com" -ldap_add: Already exists (68) - -adding new entry "ou=People,dc=example,dc=com" -ldap_add: Already exists (68) - -adding new entry "ou=Groups,dc=example,dc=com" -ldap_add: Already exists (68) - -adding new entry "cn=mages,ou=Groups,dc=example,dc=com" -ldap_add: Already exists (68) - -adding new entry "uid=marisa,ou=People,dc=example,dc=com" -ldap_add: Already exists (68) - ---> Setting Marisa password to 'MarisaNewPass2025' ---> No CA found → generating certificates... -** Note: You may use '--sec-param High' instead of '--bits 4096' -Generating a 4096 bit RSA private key... -Generating a self signed certificate... -X.509 Certificate Information: - Version: 3 - Serial Number (hex): 1c24ac6bee33a476b7a7a3a3932a6dfa740bf61c - Validity: - Not Before: Sat Nov 29 20:53:35 UTC 2025 - Not After: Tue Nov 27 20:53:35 UTC 2035 - Subject: CN=Example Company CA - Subject Public Key Algorithm: RSA - Algorithm Security Level: High (4096 bits) - Modulus (bits 4096): - 00:ce:57:be:00:6b:51:34:44:9b:66:ad:f2:b0:b8:8e - c8:84:c4:4f:97:b9:25:fa:e1:f6:38:9f:46:4c:ae:53 - 26:09:ce:0b:1d:20:1e:be:cc:ec:e4:ef:d6:16:02:e4 - c5:53:fd:05:18:56:ff:3f:c0:1b:33:3d:00:75:9e:4b - ab:79:17:ff:37:5f:de:a2:5a:cb:59:d2:c4:7a:98:aa - 08:a5:b8:c2:fa:96:ea:4e:18:3e:0c:30:6d:b9:e8:71 - 91:4b:30:1a:b1:27:f3:10:e9:f4:0f:dd:ff:da:ec:3f - 0c:31:2b:48:73:59:4f:f5:6a:ab:9e:a5:20:76:1a:51 - b3:ec:81:5d:cf:9d:b3:bb:f0:8c:19:a2:18:03:f3:93 - db:31:26:c6:60:bf:4e:5e:8e:6b:2c:24:b5:8c:33:24 - 3a:58:c3:56:aa:3d:da:67:95:8c:33:06:92:fb:58:a1 - a9:a2:58:d8:96:bf:a2:4e:60:92:a7:f8:95:7e:0a:c6 - bb:a3:96:d7:87:08:ae:52:74:b3:f9:7e:d8:d7:af:b1 - a5:04:fa:59:d7:2a:be:e3:d6:b2:61:49:5d:94:a6:7b - 4a:52:25:1c:34:1d:05:28:48:cb:aa:c5:e7:d5:1d:c8 - 8b:44:80:14:e9:4f:9f:11:02:d7:0e:62:34:69:b0:c4 - d9:24:b9:12:5a:a9:a3:fd:8a:1e:77:37:90:9d:12:a4 - ba:5d:ef:09:eb:4d:cf:c7:a5:14:d0:c9:fb:c2:25:8b - 14:d2:b8:ba:32:a1:51:cd:41:21:37:a5:d2:b4:bd:08 - 59:91:d4:72:70:95:6f:65:95:14:63:bd:8d:da:7c:48 - c3:0a:d7:c2:db:5a:41:25:d4:97:59:d7:6b:42:9f:db - 1f:85:7f:b9:ac:f4:fc:4e:d1:00:d6:cd:ca:e5:f3:05 - ca:c0:87:8a:a3:fb:90:49:9a:17:18:80:a6:cf:5c:dc - 84:94:56:aa:a7:70:f3:80:73:2d:55:fa:e6:9d:bb:04 - b5:f7:4d:df:b5:cf:8d:c7:6f:b0:93:d7:43:b4:77:5b - a5:3c:dc:e5:2e:49:96:77:14:96:e0:bd:46:ba:07:14 - a5:0c:b7:95:00:2d:78:17:97:24:4e:08:f5:67:3f:e6 - 94:29:f0:2c:b8:70:9a:76:d2:e7:e5:e2:dd:e3:2b:21 - ba:b4:aa:a9:a2:2a:45:55:9f:0b:b1:0e:00:7a:70:bd - 2b:ac:b6:ef:0f:7a:a2:5f:ef:e1:a3:77:01:c4:0c:d2 - e4:12:f3:2e:23:e4:ae:84:9e:b1:3b:b0:54:57:83:83 - 71:b5:91:4a:cc:48:d0:df:79:d3:12:9d:1b:c1:6f:42 - 23 - Exponent (bits 24): - 01:00:01 - Extensions: - Basic Constraints (critical): - Certificate Authority (CA): TRUE - Key Usage (critical): - Certificate signing. - Subject Key Identifier (not critical): - 26c5266d6d2a5d7c89f2ad867b1ab85895130242 -Other Information: - Public Key ID: - sha1:26c5266d6d2a5d7c89f2ad867b1ab85895130242 - sha256:0d03842e53daddda3508273a1e6f187f6208c88f00bd2f26e328f3477fbdfcf0 - Public Key PIN: - pin-sha256:DQOELlPa3do1CCc6Hm8Yf2IIyI8AvS8m4yjzR3+9/PA= - - - -Signing certificate... -** Note: You may use '--sec-param Medium' instead of '--bits 2048' -Generating a 2048 bit RSA private key... -Generating a signed certificate... -X.509 Certificate Information: - Version: 3 - Serial Number (hex): 72056f5c71a405ec4e4e116591ccad1927b678ff - Validity: - Not Before: Sat Nov 29 20:53:35 UTC 2025 - Not After: Sun Nov 29 20:53:35 UTC 2026 - Subject: CN=example.com,O=Example Company - Subject Public Key Algorithm: RSA - Algorithm Security Level: Medium (2048 bits) - Modulus (bits 2048): - 00:bc:c4:c1:e4:86:8d:84:3f:23:23:48:8c:f9:38:f9 - 9b:7d:db:27:71:ee:d4:31:35:98:a0:25:de:d2:82:b7 - 6d:5c:14:7b:b9:33:a4:74:29:53:a5:9c:55:ed:45:f2 - 2f:41:f3:78:43:82:47:7c:63:ed:41:9b:9a:e5:63:cf - 92:dd:b9:ea:63:2c:e0:8f:bd:3b:bf:a3:d3:45:b6:02 - a4:7e:b8:df:60:74:dc:fe:98:8c:8e:09:91:96:fe:bb - ff:c2:4f:f5:41:ce:16:e4:98:b2:01:b6:53:5b:fb:36 - 9b:04:ab:d4:8f:b8:44:e9:09:48:dc:19:62:52:7f:91 - 3c:9c:3c:5f:03:e5:6a:89:0b:ca:27:75:7c:e6:ff:87 - b0:25:eb:ce:9e:f3:b3:b3:a2:0d:55:96:73:7b:50:da - 4e:48:85:83:e0:9a:74:50:a2:53:e3:95:a0:94:ef:c1 - 18:cc:03:30:07:6e:86:57:51:13:c3:ed:aa:fe:9e:ed - d8:07:23:cd:2f:a4:8e:56:37:74:a6:81:b0:9e:1e:51 - f2:1d:a6:8e:62:a6:ad:69:a2:5c:b9:4b:cf:07:6a:d4 - 85:f7:ef:8e:0a:a1:46:67:16:52:8c:9c:e1:dc:07:b0 - 77:20:fb:fa:8f:0b:d5:7d:55:21:94:8d:80:22:d9:b9 - e3 - Exponent (bits 24): - 01:00:01 - Extensions: - Basic Constraints (critical): - Certificate Authority (CA): FALSE - Key Purpose (not critical): - TLS WWW Server. - Key Usage (critical): - Digital signature. - Key encipherment. - Subject Key Identifier (not critical): - 86037ea8ffac7903da768321f2f2a2450fc77e48 - Authority Key Identifier (not critical): - 26c5266d6d2a5d7c89f2ad867b1ab85895130242 -Other Information: - Public Key ID: - sha1:86037ea8ffac7903da768321f2f2a2450fc77e48 - sha256:5701dd907fa34b802152712ec801da0640b5baea979eb2cbbf4dea1abb628be3 - Public Key PIN: - pin-sha256:VwHdkH+jS4AhUnEuyAHaBkC1uuqXnrLLv03qGrtii+M= - - - -Signing certificate... ---> Starting second temporary slapd to apply TLS config -SASL/EXTERNAL authentication started -SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth -SASL SSF: 0 -modifying entry "cn=config" - -Updating certificates in /etc/ssl/certs... -rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL -1 added, 0 removed; done. -Running hooks in /etc/ca-certificates/update.d... -done. ---> Exporting certificates to host volume... ---> Starting final strict slapd — you keep your shell ---> ldapdock ready — marisa password = MarisaNewPass2025 -root@example:/etc/ldap/certs# ldapsearch -x -D "cn=admin,dc=example,dc=com" -w admin -b "dc=example,dc=com" "(uid=marisa)" dn -# extended LDIF -# -# LDAPv3 -# base with scope subtree -# filter: (uid=marisa) -# requesting: dn -# - -# marisa, People, example.com -dn: uid=marisa,ou=People,dc=example,dc=com - -# search result -search: 2 -result: 0 Success - -# numResponses: 2 -# numEntries: 1