phi/openldap
crudo 9ee69fb907 Refactor LDAP Client
* Enable LDAP traffic logging
* Specify CA certificates file
* Move client creation to actual parent
* Fix OpenLDAP container certificate generation
2017-12-18 20:28:54 +01:00
.gitignore Import 2017-12-16 23:17:01 +01:00
Dockerfile Import 2017-12-16 23:17:01 +01:00
init.ldif Use unprivileged user 2017-12-17 10:51:25 +01:00
Makefile Refactor LDAP Client 2017-12-18 20:28:54 +01:00
README.md Import 2017-12-16 23:17:01 +01:00
slapd.conf Import 2017-12-16 23:17:01 +01:00

OpenLDAP container

Beware that this is intended for development purposes only and should not be used in production.

Make sure the latest Docker version is installed and the Docker daemon is running.

Building the container image

Before being able to use this container you must build it. Just run make build from within the openldap directory in the root of this project.

The created Docker image should now be present in your library.

% docker images 'unit/slapd'
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
unit/slapd          latest              c04d952b53d3        2 minutes ago       8.92MB

The build also creates two files in the openldap directory in the root of this repository: the private key and the server certificate for the newly built Docker image.

% ls -l *.pem
-rw-r--r-- 1 crudo users 1265 16 dic 22.25 cert.pem
-rw------- 1 crudo users 1704 16 dic 22.25 key.pem

Running the container image

Just run make run. This will start an OpenLDAP daemon bound to 127.0.0.1 on port 389.

The root user DN is cn=root,dn=unit,dc=macaomilano,dc=org and its password is root.

Sending SIGINT (or pressing Ctrl+C) will stop the daemon and remove the running Docker instance.

Issuing client commands

To issue LDAP commands you need the ldapsearch and ldapmodify binaries.

Such commands require some environment variables to be set. The make shell command will start a new shell with those variables already set. Currently only Zsh is supported.
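A pre-flight check for the cert.pem and key.pem files that make build generates, added here as an example; it is not part of this repository's Makefile and does not reproduce what make shell sets. It assumes the certificate is self-signed (so it doubles as the trust anchor) and that the daemon offers StartTLS on port 389; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: checks on the TLS files produced by `make build`.
# The file names cert.pem/key.pem come from the README; the rest is assumed.

# Succeeds only if the file has no group/other permission bits (e.g. 0600).
key_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ldL -- "$1" | cut -c5-10)" = "------" ]
}

# Succeeds only if the certificate carries the public key derived from the key.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Prints exports that make ldapsearch/ldapmodify refuse a server whose
# certificate does not chain to the given file (assumed self-signed).
ldap_tls_env() {
    printf "export LDAPURI='%s'\n" 'ldap://127.0.0.1:389'
    printf "export LDAPTLS_CACERT='%s'\n" "$1"
    printf "export LDAPTLS_REQCERT='%s'\n" 'demand'
}

# Runs every check for a directory holding cert.pem and key.pem and, only
# if all pass, prints the client environment.
preflight() {
    key_is_private "$1/key.pem" ||
        { echo "key.pem is missing or group/world accessible" >&2; return 1; }
    cert_matches_key "$1/cert.pem" "$1/key.pem" ||
        { echo "cert.pem does not match key.pem" >&2; return 1; }
    ldap_tls_env "$1/cert.pem"
}

# Usage from the openldap directory (-ZZ makes StartTLS mandatory, -W prompts
# for the password instead of taking it on the command line):
#   eval "$(preflight "$PWD")" && ldapsearch -ZZ -x -W -D "<root DN>" -b "<base DN>"
```

With LDAPTLS_REQCERT set to demand and -ZZ on the command line, the client aborts before binding if StartTLS fails or the server presents a different certificate.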

Populate the server

The init.ldif file in the openldap directory in the root of this repository contains a basic structure that can be imported into the OpenLDAP directory server. Just run make populate from within the same directory.

Inspect the server

Running the command make inspect from within the openldap directory in the root of this repository will show all the stored information in the OpenLDAP directory server.