2.0 KiB
ldapdock
a configurable container running openLDAP
Step by step approach on how to setup and run an openLDAP server on a systemd-less docker image container
1- Creating the ldapdock image container
build ldapdock from the dockerfile and run into it
> docker build -t ldapdock /path/to/dockerfile
> docker run -h example.com -i -t -v ldap_data:/var/lib/ldap -v ldap_config:/etc/ldap/slapd.d ldapdock /bin/bash
Parameters explanation:
with -h we are specifying the name of the host, we are using example.com, this is very important. -i tells docker to run in an interactive way instead of running the container in the background. -t goes in hand with -i, and allocates a tty (terminal) so we can run commands. -v mounts a volume to save miscellaneous data in general, and config, content such as directories, databases and users.
2- Run the openLDAP server and create an admin user
Use the following command to start openLDAP
root@example:/# slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d
Generate a password hash for our administrator user, 1234 here being the password
root@example:/# slappasswd -s 1234
{SSHA}yxIgYTzcuRRdlesjfWkIN6K97/8jOrZF
Create the .ldif file that will create the admin user, edit the userPassword attribute with our password hash
(you can copy & paste the entire command until userPassword, copy your password hash with the mouse, and paste it directly)
root@example:/# cat > create_admin.ldif << EOL
dn: cn=admin,dc=example,dc=com
changetype: add
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator
userPassword: {SSHA}yxIgYTzcuRRdlesjfWkIN6K97/8jOrZF # Replace with the hash of your password
Execute create_admin.ldif using the root password (which is the container default for openLDAP root: admin)
root@example:/etc/ldap# ldapadd -x -H ldap:/// -D "cn=admin,dc=example,dc=com" -w admin -f create_admin.ldif
adding new entry "cn=admin,dc=example,dc=com"
That's all, our administrator user was properly done.