diff --git a/READMEnew.md b/READMEnew.md deleted file mode 100644 index 5db0dd5..0000000 --- a/READMEnew.md +++ /dev/null 
@@ -1,140 +0,0 @@ -# ldapdock -*_a configurable container running openLDAP_* - -A step by step approach on how to setup and run the openLDAP server on a classic systemd-less Docker image container, **optional steps are marked with __*__** - -### _Creating the ldapdock image container_ - -build ldapdock -``` -> docker build -t ldapdock /path/to/dockerfile -``` - -__*__ after build, check the docker image has been created properly with the given REPOSITORY name -``` -> docker images -REPOSITORY TAG IMAGE ID CREATED SIZE -ldapdock latest 0e4a1521b346 6 hours ago 138MB -``` - -run into the container to setup openLDAP -``` -> docker run -h example.com -i -t ldapdock /bin/bash -``` -### _Inside the ldapdock image container_ - -make sure to use the following command to start openLDAP -``` -root@example:/# slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d -``` - -test connectivity to slapd -``` -root@example:/# ldapsearch -x -H ldap://localhost -b "dc=example,dc=com" -s base "(objectclass=*)" -# extended LDIF -# -# LDAPv3 -# base with scope baseObject -... 
-``` - -make new test LDAP directories (LDAP OU) and create two attributes/branches with People and Group -``` -root@example:/# vim base.ldif -``` - -``` -dn: ou=People,dc=example,dc=com -objectClass: organizationalUnit -ou: People - -dn: ou=Groups,dc=example,dc=com -objectClass: organizationalUnit -ou: Group -``` - -create the test directory in our LDAP server, the password in the dockerfile by default is _admin_ -``` -root@example:/# ldapadd -x -D cn=admin,dc=example,dc=com -W -f base.ldif -Enter LDAP Password: -adding new entry "ou=People,dc=example,dc=com" - -adding new entry "ou=Groups,dc=example,dc=com" -``` - -verify the entries in the LDAP server -``` -root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=People' dn -dn: ou=People,dc=example,dc=com -root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=Groups' dn -dn: ou=Groups,dc=example,dc=com -``` -now we have an **Organizational Unit (ou=People, ou=Group, etc.)** with users and groups within an LDAP directory structure correctly created - -### _Users administrative tasks_ - -create a new LDAP directory called Supergirls (LDAP OU) with the following data -``` -root@example:/# vim add_ou.ldif -dn: ou=Supergirls,dc=example,dc=com -objectClass: organizationalUnit -ou: Supergirls -``` - -create it in our LDAP server, when asked for the root password, remember in the dockerfile by default is _admin_ -``` -root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_ou.ldif -Enter LDAP Password: -adding new entry "ou=Supergirls,dc=example,dc=com" -``` - -verify the entry in the LDAP server -``` -root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(ou=Supergirls)" dn -dn: ou=Supergirls,dc=example,dc=com - -root@example:/# -``` - -create a new LDAP password to manage our new directory, and annotate the result hashed password -``` -root@example:/# slappasswd -New password: -Re-enter new password: -{SSHA}hashedpasswd -``` - -create a .ldif file with the necessary attributes to insert in 
our Supergirls directory -``` -root@example:/# vim add_user_supergirls.ldif -dn: uid=marisa,ou=Supergirls,dc=example,dc=com -objectClass: inetOrgPerson -objectClass: posixAccount -cn: Marisa -sn: Kirisame -givenName: Marisa -displayName: Marisa Kirisame -uid: marisa -uidNumber: 1001 -gidNumber: 5000 -homeDirectory: /home/marisa -loginShell: /bin/bash -userPassword: {SSHA}hashedpasswd -mail: marisa@example.com -``` - -insert the new user (marisa) in our Supergirls directory (LDAP OU), still using the root password _admin_ -``` -root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_user_supergirls.ldif -Enter LDAP Password: -adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com" -``` - -verify the user (marisa) has been added tp tje Supergirls OU -``` -root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(uid=marisa)" dn -dn: uid=marisa,ou=Supergirls,dc=example,dc=com -``` - - -
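Review bot: nothing in the visible lines shows where the 140 lines of setup steps removed from READMEnew.md now live, so confirm that README.md carries them before merging, or state in the commit message that this file was a duplicate. If the text survives elsewhere, three things in the removed content should be fixed there. In base.ldif the entry `dn: ou=Groups,dc=example,dc=com` has `ou: Group`, which does not match its own RDN value. The last verify step reads "added tp tje Supergirls OU". Every ldapadd step binds as `cn=admin,dc=example,dc=com` with the dockerfile default password _admin_, using simple bind (`-x`) while slapd listens on `ldap:///`, so the instructions should tell the reader to replace that default password before the container is reachable by anything other than the local shell.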