Skip to content

Ldap unique #291

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
simonLeary42 merged 3 commits into from
Aug 28, 2025
Merged

Ldap unique #291

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d397831
load unique, pw-sha2 modules, configure unique module
simonLeary42 Aug 28, 2025
6c6f2a6
fix slapo-unqiue
simonLeary42 Aug 28, 2025
d5303cf
add to readme
simonLeary42 Aug 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@ See the Docker Compose environment (`tools/docker-dev/`) for an (unsafe for prod
1. OpenLDAP server
* Structure should be similar to `tools/docker-dev/identity/bootstrap.ldif` <!-- TODO separate OUs from entries -->
* Also see `tools/docker-dev/identity/{config,ssh}.ldif`
* recommended openldap modules/overlays:
* `unique`: prevent UIDNumber, GIDNumber conflicts
* `pw-sha2`: allow the use of sha2 password hashing algorithms for bind
1. MySQL / MariaDB server
* Structure should be similar to `tools/docker-dev/sql/bootstrap.sql` <!-- TODO separate structure from data -->
1. SMTP server
Expand Down
17 changes: 9 additions & 8 deletions tools/docker-dev/identity/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,17 +14,18 @@ RUN chown openldap:openldap /var/lib/ldap
COPY ssh.ldif /etc/ldap/schema/ssh.ldif
COPY ldap-config.ldif /tmp/ldap-config.ldif
COPY bootstrap.ldif /tmp/bootstrap.ldif
COPY load-modules.ldif /tmp/load-modules.ldif
COPY configure-unique.ldif /tmp/configure-unique.ldif

RUN service slapd start; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ssh.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ssh.ldif; \
ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldap-config.ldif; \
slapadd -l /tmp/bootstrap.ldif

RUN rm -rf /tmp/ldap-config.ldif
RUN rm -rf /tmp/bootstrap.ldif
ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/load-modules.ldif; \
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/configure-unique.ldif; \
slapadd -l /tmp/bootstrap.ldif

# PHPLDAPAdmin Setup
RUN rm -rf /etc/phpldapadmin/config.php
Expand Down
7 changes: 7 additions & 0 deletions tools/docker-dev/identity/configure-unique.ldif
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
dn: olcOverlay=unique,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: unique
olcUniqueURI: ldap:///?uid?sub?(objectClass=posixAccount)
olcUniqueURI: ldap:///?uidNumber?sub?(objectClass=posixAccount)
olcUniqueURI: ldap:///?gidNumber?sub?(objectClass=posixGroup)
5 changes: 5 additions & 0 deletions tools/docker-dev/identity/load-modules.ldif
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: pw-sha2
olcModuleLoad: unique