Delete READMEnew.md
parent
9132478544
commit
a76366f877
140
READMEnew.md
@ -1,140 +0,0 @@
# ldapdock
*_a configurable container running openLDAP_*
A step by step approach on how to setup and run the openLDAP server on a classic systemd-less Docker image container, **optional steps are marked with __*__**
### _Creating the ldapdock image container_
build ldapdock
```
> docker build -t ldapdock /path/to/dockerfile
```
__*__ after build, check the docker image has been created properly with the given REPOSITORY name
```
> docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ldapdock latest 0e4a1521b346 6 hours ago 138MB
```
run into the container to setup openLDAP
```
> docker run -h example.com -i -t ldapdock /bin/bash
```
### _Inside the ldapdock image container_
make sure to use the following command to start openLDAP
```
root@example:/# slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d
```
test connectivity to slapd
```
root@example:/# ldapsearch -x -H ldap://localhost -b "dc=example,dc=com" -s base "(objectclass=*)"
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope baseObject
...
```
make new test LDAP directories (LDAP OU) and create two attributes/branches with People and Group
```
root@example:/# vim base.ldif
```
```
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
ou: Group
```
create the test directory in our LDAP server, the password in the dockerfile by default is _admin_
```
root@example:/# ldapadd -x -D cn=admin,dc=example,dc=com -W -f base.ldif
Enter LDAP Password:
adding new entry "ou=People,dc=example,dc=com"
adding new entry "ou=Groups,dc=example,dc=com"
```
verify the entries in the LDAP server
```
root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=People' dn
dn: ou=People,dc=example,dc=com
root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=Groups' dn
dn: ou=Groups,dc=example,dc=com
```
now we have an **Organizational Unit (ou=People, ou=Group, etc.)** with users and groups within an LDAP directory structure correctly created
### _Users administrative tasks_
create a new LDAP directory called Supergirls (LDAP OU) with the following data
```
root@example:/# vim add_ou.ldif
dn: ou=Supergirls,dc=example,dc=com
objectClass: organizationalUnit
ou: Supergirls
```
create it in our LDAP server, when asked for the root password, remember in the dockerfile by default is _admin_
```
root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_ou.ldif
Enter LDAP Password:
adding new entry "ou=Supergirls,dc=example,dc=com"
```
verify the entry in the LDAP server
```
root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(ou=Supergirls)" dn
dn: ou=Supergirls,dc=example,dc=com
root@example:/#
```
create a new LDAP password to manage our new directory, and annotate the result hashed password
```
root@example:/# slappasswd
New password:
Re-enter new password:
{SSHA}hashedpasswd
```
create a .ldif file with the necessary attributes to insert in our Supergirls directory
```
root@example:/# vim add_user_supergirls.ldif
dn: uid=marisa,ou=Supergirls,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Marisa
sn: Kirisame
givenName: Marisa
displayName: Marisa Kirisame
uid: marisa
uidNumber: 1001
gidNumber: 5000
homeDirectory: /home/marisa
loginShell: /bin/bash
userPassword: {SSHA}hashedpasswd
mail: marisa@example.com
```
insert the new user (marisa) in our Supergirls directory (LDAP OU), still using the root password _admin_
```
root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_user_supergirls.ldif
Enter LDAP Password:
adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com"
```
verify the user (marisa) has been added tp tje Supergirls OU
```
root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(uid=marisa)" dn
dn: uid=marisa,ou=Supergirls,dc=example,dc=com
```
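
Review bot: the message "Delete READMEnew.md" gives no reason for dropping all 140 lines of the setup walkthrough and does not say whether the text now lives in another README; please state that in the commit message. If a copy survives elsewhere, two things in the removed lines should be corrected there rather than carried over. In base.ldif the entry `dn: ou=Groups,dc=example,dc=com` is given `ou: Group`, which does not match its RDN, and the closing summary repeats "ou=Group". The walkthrough also binds as `cn=admin,dc=example,dc=com` with the dockerfile default password _admin_ using simple bind (`-x`) against the plain `ldap:///` listener, and every `ldapsearch -x` check is run without a bind DN; the surviving text should mark this as a test-only setup and add a step to change the admin password before the container is reachable from anywhere else.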