Skip to content
Switch branches/tags

OpenLDAP Docker Image for testing

Docker Build Status Docker Stars Docker Pulls

This image provides an OpenLDAP Server for testing LDAP applications, i.e. unit tests. The server is initialized with the example domain with data from the Futurama Wiki.

Parts of the image are based on the work from Nick Stenning docker-slapd and Bertrand Gouny docker-openldap.

The Flask extension flask-ldapconn use this image for unit tests.


  • Initialized with data from Futurama
  • Support for LDAP over TLS (STARTTLS) using a self-signed cert, or valid certificates (LetsEncrypt, etc)
  • memberOf overlay support
  • MS-AD style groups support
  • Supports Forced STARTTLS
  • Supports custom domain and custom directory structure


docker pull rroemhild/test-openldap
docker run --rm -p 10389:10389 -p 10636:10636 rroemhild/test-openldap


# List all Users
ldapsearch -H ldap://localhost:10389 -x -b "ou=people,dc=planetexpress,dc=com" -D "cn=admin,dc=planetexpress,dc=com" -w GoodNewsEveryone "(objectClass=inetOrgPerson)"

# Request StartTLS
ldapsearch -H ldap://localhost:10389 -Z -x -b "ou=people,dc=planetexpress,dc=com" -D "cn=admin,dc=planetexpress,dc=com" -w GoodNewsEveryone "(objectClass=inetOrgPerson)"

# Enforce StartTLS
ldapsearch -H ldap://localhost:10389 -ZZ -x -b "ou=people,dc=planetexpress,dc=com" -D "cn=admin,dc=planetexpress,dc=com" -w GoodNewsEveryone "(objectClass=inetOrgPerson)"

# Enforce StartTLS with self-signed cert
LDAPTLS_REQCERT=never ldapsearch -H ldap://localhost:10389 -ZZ -x -b "ou=people,dc=planetexpress,dc=com" -D "cn=admin,dc=planetexpress,dc=com" -w GoodNewsEveryone "(objectClass=inetOrgPerson)"

Exposed ports

  • 10389 (ldap)
  • 10636 (ldaps)

Exposed volumes

  • /etc/ldap/slapd.d
  • /etc/ldap/ssl
  • /var/lib/ldap
  • /run/slapd

LDAP structure


Admin Secret
cn=admin,dc=planetexpress,dc=com GoodNewsEveryone


cn=Hubert J. Farnsworth,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn Hubert J. Farnsworth
sn Farnsworth
description Human
displayName Professor Farnsworth
employeeType Owner
employeeType Founder
givenName Hubert
jpegPhoto JPEG-Photo (630x507 Pixel, 26780 Bytes)
ou Office Management
title Professor
uid professor
userPassword professor

cn=Philip J. Fry,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn Philip J. Fry
sn Fry
description Human
displayName Fry
employeeType Delivery boy
givenName Philip
jpegPhoto JPEG-Photo (429x350 Pixel, 22132 Bytes)
ou Delivering Crew
uid fry
userPassword fry

cn=John A. Zoidberg,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn John A. Zoidberg
sn Zoidberg
description Decapodian
displayName Zoidberg
employeeType Doctor
givenName John
jpegPhoto JPEG-Photo (343x280 Pixel, 26438 Bytes)
ou Staff
title Ph. D.
uid zoidberg
userPassword zoidberg

cn=Hermes Conrad,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn Hermes Conrad
sn Conrad
description Human
employeeType Bureaucrat
employeeType Accountant
givenName Hermes
ou Office Management
uid hermes
userPassword hermes

cn=Turanga Leela,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn Turanga Leela
sn Turanga
description Mutant
employeeType Captain
employeeType Pilot
givenName Leela
jpegPhoto JPEG-Photo (429x350 Pixel, 26526 Bytes)
ou Delivering Crew
uid leela
userPassword leela

cn=Bender Bending Rodríguez,ou=people,dc=planetexpress,dc=com

Attribute Value
objectClass inetOrgPerson
cn Bender Bending Rodríguez
sn Rodríguez
description Robot
employeeType Ship's Robot
givenName Bender
jpegPhoto JPEG-Photo (436x570 Pixel, 26819 Bytes)
ou Delivering Crew
uid bender
userPassword bender

cn=Amy Wong+sn=Kroker,ou=people,dc=planetexpress,dc=com

Amy has a multi-valued DN

Attribute Value
objectClass inetOrgPerson
cn Amy Wong
sn Kroker
description Human
givenName Amy
ou Intern
uid amy
userPassword amy


Attribute Value
objectClass Group
cn admin_staff
member cn=Hubert J. Farnsworth,ou=people,dc=planetexpress,dc=com
member cn=Hermes Conrad,ou=people,dc=planetexpress,dc=com


Attribute Value
objectClass Group
cn ship_crew
member cn=Turanga Leela,ou=people,dc=planetexpress,dc=com
member cn=Philip J. Fry,ou=people,dc=planetexpress,dc=com
member cn=Bender Bending Rodríguez,ou=people,dc=planetexpress,dc=com

JAAS configuration

In case you want to use this OpenLDAP server for testing with a Java-based application using JAAS and the LdapLoginModule, here's a working configuration file you can use to connect.

other { REQUIRED

This config uses the admin credentials to connect to the OpenLDAP server and to submit the search query for the user that enters their credentials. As username the uid attribute of each entry is used.