From 87bdeb51bb7643d0ef30264ee6229ac05acb0e7d Mon Sep 17 00:00:00 2001
From: Benoit Crickboom
Date: Mon, 16 Sep 2024 16:50:22 +0200
Subject: [PATCH] added open ldap setup
---
minimal-setup/openldap/README.md | 27 ++++++
minimal-setup/openldap/docker-compose.yml | 27 ++++++
minimal-setup/openldap/ldif/test.ldif | 106 ++++++++++++++++++++++
3 files changed, 160 insertions(+)
create mode 100644 minimal-setup/openldap/README.md
create mode 100644 minimal-setup/openldap/docker-compose.yml
create mode 100644 minimal-setup/openldap/ldif/test.ldif
diff --git a/minimal-setup/openldap/README.md b/minimal-setup/openldap/README.md
new file mode 100644
index 0000000..1e18750
--- /dev/null
+++ b/minimal-setup/openldap/README.md
@@ -0,0 +1,27 @@
+# What is it about?
+
+This is a tiny setup to quickly spin up an LDAP server to perform some tests (with Keycloak).
+All users have the same password:
+```
+change-me
+```
+
+## Cheat code to run it aside Keycloak
+
+From the keycloak folder (minimal-setup):
+```
+docker compose -f docker-compose.yml -f ../openldap/docker-compose.yml up -d
+```
+
+## Login to the mgmt web ui
+```
+http://localhost:6443
+
+cn=admin,dc=myorg,dc=com
+change-me
+```
+
+## List all the users from the terminal
+```
+ldapsearch -x -H ldap://localhost:389 -D "cn=admin,dc=myorg,dc=com" -w "change-me" -b "OU=users,DC=myorg,DC=com"
+```
\ No newline at end of file
diff --git a/minimal-setup/openldap/docker-compose.yml b/minimal-setup/openldap/docker-compose.yml
new file mode 100644
index 0000000..325d85e
--- /dev/null
+++ b/minimal-setup/openldap/docker-compose.yml
@@ -0,0 +1,27 @@
+# SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL
+#
+# SPDX-License-Identifier: CC0-1.0
+
+version: "3"
+services:
+
+ openldap-server:
+ image: osixia/openldap
+ ports:
+ - 389:389
+ - 636:636
+ environment:
+ LDAP_ORGANISATION: "MyOrg"
+ LDAP_DOMAIN: "myorg.com"
+ LDAP_ADMIN_PASSWORD: "change-me"
+ LDAP_SEED_INTERNAL_LDIF_PATH: "/home/ldif"
+ volumes:
+ - ./ldif:/home/ldif
+
+ phpldapadmin:
+ image: osixia/phpldapadmin
+ ports:
+ - 6443:80
+ environment:
+ PHPLDAPADMIN_HTTPS: "false"
+ PHPLDAPADMIN_LDAP_HOSTS: "openldap-server"
\ No newline at end of file
diff --git a/minimal-setup/openldap/ldif/test.ldif b/minimal-setup/openldap/ldif/test.ldif
new file mode 100644
index 0000000..9909f1a
--- /dev/null
+++ b/minimal-setup/openldap/ldif/test.ldif
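Review bot: The three `ports` mappings (`389:389`, `636:636`, `6443:80`) publish LDAP and the phpLDAPadmin UI on every host interface, while `LDAP_ADMIN_PASSWORD` is the `change-me` value printed in the README and `PHPLDAPADMIN_HTTPS` is `"false"`, so the admin bind is reachable, and sent in cleartext, from whatever network the host sits on. For a local test rig, bind to loopback and quote the mappings: `- "127.0.0.1:389:389"`, `- "127.0.0.1:636:636"`, `- "127.0.0.1:6443:80"`; containers on the same Compose network still reach `openldap-server` by service name. Both `image:` lines carry no tag and therefore resolve to `latest`; pin each one (for example `osixia/openldap:<pinned-tag>`, ideally with a digest) so an upstream retag cannot silently change what the rig runs.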
@@ -0,0 +1,106 @@
+# LDIF Export for dc=myorg,dc=com
+# Server: openldap-server (openldap-server)
+# Search Scope: sub
+# Search Filter: (objectClass=*)
+# Total Entries: 9
+#
+# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on September 16, 2024 11:47 am
+# Version: 1.2.5
+
+version: 1
+
+# Entry 1: dc=myorg,dc=com
+# dn: dc=myorg,dc=com
+# dc: myorg
+# o: MyOrg
+# objectclass: top
+# objectclass: dcObject
+# objectclass: organization
+
+# Entry 2: ou=groups,dc=myorg,dc=com
+dn: ou=groups,dc=myorg,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: groups
+
+# Entry 3: cn=developers,ou=groups,dc=myorg,dc=com
+dn: cn=developers,ou=groups,dc=myorg,dc=com
+cn: developers
+objectclass: top
+objectclass: groupOfUniqueNames
+uniquemember: uid=john.doe,ou=users,dc=myorg,dc=com
+uniquemember: uid=jane.doe,ou=users,dc=myorg,dc=com
+
+# Entry 4: cn=managers,ou=groups,dc=myorg,dc=com
+dn: cn=managers,ou=groups,dc=myorg,dc=com
+cn: managers
+objectclass: top
+objectclass: groupOfUniqueNames
+uniquemember: uid=alice.smith,ou=users,dc=myorg,dc=com
+uniquemember: uid=bob.jones,ou=users,dc=myorg,dc=com
+
+# Entry 5: ou=users,dc=myorg,dc=com
+dn: ou=users,dc=myorg,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: users
+
+# Entry 6: uid=alice.smith,ou=users,dc=myorg,dc=com
+dn: uid=alice.smith,ou=users,dc=myorg,dc=com
+cn: Alice Smith
+gidnumber: 500
+homedirectory: /home/alice.smith
+loginshell: /bin/bash
+mail: alice.smith@myorg.com
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: Smith
+uid: alice.smith
+uidnumber: 1003
+userpassword: {SSHA}gPG0Te3ggmrEBf1cFg0wgymawpCOKF85
+
+# Entry 7: uid=bob.jones,ou=users,dc=myorg,dc=com
+dn: uid=bob.jones,ou=users,dc=myorg,dc=com
+cn: Bob Jones
+gidnumber: 500
+homedirectory: /home/bob.jones
+loginshell: /bin/bash
+mail: bob.jones@myorg.com
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: Jones
+uid: bob.jones
+uidnumber: 1004
+userpassword: {SSHA}uJVNDjOzKANIzuFZusa7PfJlcTM/odaO
+
+# Entry 8: uid=jane.doe,ou=users,dc=myorg,dc=com
+dn: uid=jane.doe,ou=users,dc=myorg,dc=com
+cn: Jane Doe
+gidnumber: 500
+homedirectory: /home/jane.doe
+loginshell: /bin/bash
+mail: jane.doe@myorg.com
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: Doe
+uid: jane.doe
+uidnumber: 1002
+userpassword: {SSHA}Nzle/2CA2DA7A+jFZVZiHraEKkkb+zJc
+
+# Entry 9: uid=john.doe,ou=users,dc=myorg,dc=com
+dn: uid=john.doe,ou=users,dc=myorg,dc=com
+cn: John Doe
+gidnumber: 500
+homedirectory: /home/john.doe
+loginshell: /bin/bash
+mail: john.doe@myorg.com
+objectclass: inetOrgPerson
+objectclass: posixAccount
+objectclass: top
+sn: Doe
+uid: john.doe
+uidnumber: 1001
+userpassword: {SSHA}zQ/DwEuaAun5KYC7yWFc769EbbDTi/k7
\ No newline at end of file
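Review bot: Nothing in test.ldif marks the four `userpassword` values as throwaway fixtures, yet they are `{SSHA}` (salted SHA-1) hashes of a password the README in this same commit states in clear, attached to `posixAccount` entries with `loginshell: /bin/bash`. Add a header comment such as `# TEST FIXTURE ONLY: every account shares the password documented in README.md; never import into a shared or production directory`. Entry 1 is fully commented out, presumably because the image creates the base DN from `LDAP_DOMAIN` itself; a one-line comment saying so would keep a later editor from re-enabling it.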