| dockerfile | ||
| README.md | ||
| READMEold.md | ||
ldapdock
a configurable container running openLDAP
A step by step approach on how to setup and run the openLDAP server on a classic systemd-less Docker image container, optional steps are marked with *
Creating the ldapdock image container
build ldapdock
> docker build -t ldapdock /path/to/dockerfile
* after build, check the docker image has been created properly with the given REPOSITORY name
> docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ldapdock latest 0e4a1521b346 6 hours ago 138MB
run into the container to setup openLDAP
> docker run -h example.com -i -t ldapdock /bin/bash
Inside the ldapdock image container
make sure to use the following command to start openLDAP
root@example:/# slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d
test connectivity to slapd
root@example:/# ldapsearch -x -H ldap://localhost -b "dc=example,dc=com" -s base "(objectclass=*)"
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope baseObject
...
make new test LDAP directories (LDAP OU) and create two attributes/branches with People and Group
root@example:/# vim base.ldif
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
ou: Group
create the test directory in our LDAP server, the password in the dockerfile by default is admin
root@example:/# ldapadd -x -D cn=admin,dc=example,dc=com -W -f base.ldif
Enter LDAP Password:
adding new entry "ou=People,dc=example,dc=com"
adding new entry "ou=Groups,dc=example,dc=com"
verify the entries in the LDAP server
root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=People' dn
dn: ou=People,dc=example,dc=com
root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=Groups' dn
dn: ou=Groups,dc=example,dc=com
now we have an Organizational Unit (ou=People, ou=Group, etc.) with users and groups within an LDAP directory structure correctly created
Users administrative tasks
create a new LDAP directory called Supergirls (LDAP OU) with the following data
root@example:/# vim add_ou.ldif
dn: ou=Supergirls,dc=example,dc=com
objectClass: organizationalUnit
ou: Supergirls
create it in our LDAP server, when asked for the root password, remember in the dockerfile by default is admin
root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_ou.ldif
Enter LDAP Password:
adding new entry "ou=Supergirls,dc=example,dc=com"
verify the entry in the LDAP server
root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(ou=Supergirls)" dn
dn: ou=Supergirls,dc=example,dc=com
root@example:/#
create a new LDAP password to manage our new directory, and annotate the result hashed password
root@example:/# slappasswd
New password:
Re-enter new password:
{SSHA}hashedpasswd
create a .ldif file with the necessary attributes to insert in our Supergirls directory
root@example:/# vim add_user_supergirls.ldif
dn: uid=marisa,ou=Supergirls,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Marisa
sn: Kirisame
givenName: Marisa
displayName: Marisa Kirisame
uid: marisa
uidNumber: 1001
gidNumber: 5000
homeDirectory: /home/marisa
loginShell: /bin/bash
userPassword: {SSHA}hashedpasswd
mail: marisa@example.com
insert the new user (marisa) in our Supergirls directory (LDAP OU), still using the root password admin
root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_user_supergirls.ldif
Enter LDAP Password:
adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com"
verify the user (marisa) has been added tp tje Supergirls OU
root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(uid=marisa)" dn
dn: uid=marisa,ou=Supergirls,dc=example,dc=com