LDAP examples

12 Feb 2022

CLI

ldapsearch -x -w password -H ldap://localhost -D cn=admin,dc=k8s,dc=com -b ou=authelia,dc=k8s,dc=com
ldapwhoami -x -w password -D cn=admin,cn=config
ldapwhoami -x -w password -D cn=admin,dc=k8s,dc=com
ldapwhoami -x -w kuster -D cn=ShihtaKuan,ou=group0,dc=k8s,dc=com
slappasswd -o module-load=pw-argon2 -h {ARGON2} -s abc

Some configuration

ldapmodify -x -w password -D cn=admin,cn=config -f ldap_disable_bind_anon.ldif
ldapmodify -x -w password -D cn=admin,cn=config -f argon2.ldif

change password

ldappasswd -x -D cn=admin,dc=k8s,dc=com -w password -S cn=ShihtaKuan,ou=group0,dc=k8s,dc=com

docker run

docker run -d \
  --network host \
  --env LDAP_ORGANISATION="Kubernetes LDAP" \
  --env LDAP_DOMAIN="k8s.com" \
  --env LDAP_ADMIN_PASSWORD="password" \
  --env LDAP_CONFIG_PASSWORD="password" \
  --name openldap-server \
  -v $PWD/data/ldap:/var/lib/ldap -v $PWD/data/slapd.d:/etc/ldap/slapd.d \
  osixia-openldap:test0

docker run -d \
  -p 0.0.0.0:8443:443 \
  --env PHPLDAPADMIN_LDAP_HOSTS=10.103.3.101 \
  --name phpldapadmin \
  osixia/phpldapadmin

[[email protected] ~]# docker ps |grep ldap
e444229214a5        osixia/openldap:1.2.2                                             "/container/tool/run"    24 hours ago        Up 24 hours         389/tcp, 636/tcp                         my-openldap-container
[[email protected] ~]# docker exec -it my-openldap-container sh
# ldapsearch -VV
ldapsearch: @(#) $OpenLDAP: ldapsearch  (May 23 2018 04:25:19) $
	Debian OpenLDAP Maintainers <[email protected]>
	(LDAP library: OpenLDAP 20444)
# 


# slaptest
config file testing succeeded
# 



# slapcat -v
# id=00000001
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example Inc.
dc: example
structuralObjectClass: organization
entryUUID: f8f7b81c-6a92-1038-9a4d-81d6b41cd327
creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20181022221004Z
entryCSN: 20181022221004.555004Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20181022221004Z

# id=00000002
dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9RTBJMTlqaW1BTVlaZ0h2aEhPbm5YVVdWRmQxaEtBRnM=
structuralObjectClass: organizationalRole
entryUUID: f8f818b6-6a92-1038-9a4e-81d6b41cd327
creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20181022221004Z
entryCSN: 20181022221004.557498Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20181022221004Z

# 

References

How to disable anonymous access
ARGON2: Update password hashing algorithms
https://manpages.debian.org/testing/slapd-contrib/slapd-pw-argon2.5.en.html#t=
https://www.mail-archive.com/openldap-technical@openldap.org/msg24715.html

Shihta's Note

Shihta's Note

LDAP examples

CLI

Some configuration

change password

docker run

References

Shihta's Note

Shihta's Note

LDAP examples

CLI

Some configuration

change password

docker run

References

Related Posts

ipmi emulator for qemu/virsh 21 Jul 2023

virsh iommu 30 Dec 2022

Disable Microsoft Autoupdate 08 Oct 2022