Configuring an OpenLDAP internal server

Angel Borroy edited this page Sep 14, 2018 · 2 revisions

The following instructions describe how to configure a new OpenLDAP service and the PHPLdapAdmin webapp inside the Docker Machine to provide LDAP authentication for the Alfresco Repository.

  1. Add OpenLDAP service and PHPLdapAdmin webapp to docker-compose.yml
    openldap:
        image: osixia/openldap
        container_name: openldap
        environment:
          LDAP_DOMAIN: "keensoft.es"
          LDAP_BASE_DN: "dc=keensoft,dc=es"
          LDAP_ADMIN_PASSWORD: "admin"
        volumes: 
            - ./volumes/data/ldap:/var/lib/ldap
            - ./volumes/data/slap.d:/etc/ldap/slap.d
        networks:
            - internal
        ports:
            - 389:389

    phpldapadmin:
        image: osixia/phpldapadmin
        container_name: phpldapadmin
        environment:
          PHPLDAPADMIN_LDAP_HOSTS: "openldap"
          PHPLDAPADMIN_HTTPS: "false"
        links:
            - openldap
        depends_on:
            - openldap
        ports:
            - 8080:80
        networks:
            - internal

This configuration includes sample values for the LDAP properties LDAP_DOMAIN, LDAP_BASE_DN and LDAP_ADMIN_PASSWORD. Change them to fit your naming requirements, and replace the sample admin password with a value of your own.

PHPLdapAdmin will be available by default at http://localhost:8080, but it can be served on a different port or context path through the proxy service.

  2. Add configuration properties for LDAP authentication to alfresco-global.properties
    # LDAP Authentication
    authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
    ldap.authentication.active=true
    ldap.authentication.java.naming.provider.url=ldap://openldap:389
    ldap.authentication.userNameFormat=uid=%s,dc=keensoft,dc=es
    ldap.synchronization.active=false
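
A consistency check for the two steps above, as an added example that is not part of the original page or of the Alfresco project: it verifies that the Alfresco properties point at the base DN and service name defined in docker-compose.yml, and flags the sample admin password and the non-TLS provider URL. The helper names (`parse_kv`, `norm_dn`, `check`) are hypothetical, and the input strings are constructed from the values shown on this page.

```python
from urllib.parse import urlparse

# Constructed sample input: values copied from the two snippets on this page.
COMPOSE_ENV = '''
LDAP_DOMAIN: "keensoft.es"
LDAP_BASE_DN: "dc=keensoft,dc=es"
LDAP_ADMIN_PASSWORD: "admin"
'''
PROPERTIES = '''
ldap.authentication.java.naming.provider.url=ldap://openldap:389
ldap.authentication.userNameFormat=uid=%s,dc=keensoft,dc=es
'''

def parse_kv(text, sep):
    """Parse KEY<sep>value lines, skipping blank lines and # comments."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and sep in line:
            key, value = line.split(sep, 1)
            out[key.strip()] = value.strip().strip('"')
    return out

def norm_dn(dn):
    """Lower-case a DN and drop spaces around commas so DNs can be compared."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def check(compose_env, properties, service="openldap"):
    """Return a list of findings; an empty list means the two files agree."""
    env, props = parse_kv(compose_env, ":"), parse_kv(properties, "=")
    findings = []
    base = norm_dn(env["LDAP_BASE_DN"])
    domain_dn = ",".join("dc=" + p for p in env["LDAP_DOMAIN"].lower().split("."))
    if base != domain_dn:
        findings.append("LDAP_BASE_DN does not match LDAP_DOMAIN")
    fmt = props["ldap.authentication.userNameFormat"]
    if "%s" not in fmt or not norm_dn(fmt).endswith("," + base):
        findings.append("userNameFormat is not under LDAP_BASE_DN")
    url = urlparse(props["ldap.authentication.java.naming.provider.url"])
    if url.hostname != service:
        findings.append("provider.url host is not the compose service name")
    if url.scheme != "ldaps":
        findings.append("provider.url uses ldap:// (no TLS)")
    if env["LDAP_ADMIN_PASSWORD"] in ("admin", ""):
        findings.append("LDAP_ADMIN_PASSWORD is still the sample value")
    return findings

if __name__ == "__main__":
    for finding in check(COMPOSE_ENV, PROPERTIES):
        print(finding)
```

With the values from this page the base DN, domain and service name agree, so only the sample password and the plain `ldap://` URL are reported.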