So I needed to test some LDAP functionality in Foreman, and I wanted to set up a local OpenLDAP server.
One option would have been to install the OpenLDAP server on my laptop, but as I am enthusiastic about docker, I decided to run the LDAP server inside a container.
The solution was pretty much straightforward:
I found an OpenLDAP docker container at nickstenning/slapd which provides exactly that…
so I ran
docker run -e LDAP_DOMAIN=example.com -e LDAP_ORGANIZATION="Example Ltd." -e LDAP_ROOTPASS=mySecretPass --name ldap -p 389:389 -d nickstenning/slapd
* One important parameter to remember is to expose port 389 (this is done with -p 389:389; note that this publishes the port on every host interface, whereas -p 127.0.0.1:389:389 keeps the test server reachable from the laptop only)
The rest of the parameters are pretty much self-explanatory.
For some reason the container failed to start :/
I checked the container logs with “docker logs -f CONTAINER_ID” and saw some weird permission errors.
I ran setenforce 0 on my laptop (which switches SELinux to permissive mode host-wide, fine for a throwaway test box), and boom, I had an OpenLDAP server up and running.
Next, I wanted to add my own user, besides the default admin user.
I created an LDIF file which looked like:
dn: uid=test,ou=users,dc=example,dc=com
objectclass: inetOrgPerson
objectclass: person
givenName: Test
sn: User
mail: email@example.com
uid: test
userPassword: MyAlsoSecretPassword
cn: Test User
Now I needed to apply it:
ldapadd -v -h localhost:389 -c -x -D cn=admin,dc=example,dc=com -W -f users.ldif
* Please note the cn=admin,dc=example,dc=com bind DN, which requires the password we provided as LDAP_ROOTPASS
And the test user was added… 😀
To verify it was created, I ran:
ldapsearch -v -h localhost:389 -b 'ou=users,dc=example,dc=com' -D 'cn=admin,dc=example,dc=com' -x -W '(&(objectClass=person)(uid=test))'
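The LDIF above carries userPassword in cleartext, and slapd stores whatever value it is given, so the cleartext ends up in the directory. The script below is an added example, not code from the original post or from the slapd image: it builds the same inetOrgPerson entry with an {SSHA}-hashed password (the scheme slappasswd emits by default, which slapd verifies on simple bind), then parses a constructed copy of the ldapsearch output to confirm the entry came back and that the stored hash verifies. The function names (ssha_hash, ssha_verify, user_ldif, parse_ldif, find_user), the fixed salt and the sample search output are this example's own assumptions; the DNs and attribute values are the ones from the post.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Naming follows the post: the directory is dc=example,dc=com, users live in ou=users.
BASE_DN = "dc=example,dc=com"
USERS_OU = "ou=users," + BASE_DN


def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """OpenLDAP {SSHA} form: base64(sha1(password + salt) + salt), as slappasswd produces."""
    if salt is None:
        salt = os.urandom(4)  # slappasswd also uses a short random salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, stored: str) -> bool:
    """Check a cleartext password against a {SSHA} value (sha1 digests are 20 bytes)."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def user_ldif(uid: str, given_name: str, sn: str, mail: str,
              password: str, salt: Optional[bytes] = None) -> str:
    """Build the LDIF for one inetOrgPerson entry like the post's, but with a hashed password."""
    attrs = [
        ("dn", f"uid={uid},{USERS_OU}"),
        ("objectClass", "inetOrgPerson"),
        ("objectClass", "person"),
        ("givenName", given_name),
        ("sn", sn),
        ("mail", mail),
        ("uid", uid),
        ("userPassword", ssha_hash(password, salt)),
        ("cn", f"{given_name} {sn}"),
    ]
    return "\n".join(f"{k}: {v}" for k, v in attrs) + "\n"


def parse_ldif(text: str) -> List[Dict[str, List[str]]]:
    """Parse LDIF as ldapsearch prints it: '#' comments, folded lines (leading space),
    base64 values ('attr:: ...'); blocks without a dn (search:/result:) are not entries."""
    unfolded: List[str] = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]
        else:
            unfolded.append(line)

    entries: List[Dict[str, List[str]]] = []
    current: Dict[str, List[str]] = {}
    for line in unfolded + [""]:  # trailing "" flushes the last block
        if line.startswith("#"):
            continue
        if not line.strip():
            if "dn" in current:
                entries.append(current)
            current = {}
            continue
        key, _, value = line.partition(":")
        if value.startswith(":"):
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        current.setdefault(key, []).append(value)
    return entries


def find_user(entries: List[Dict[str, List[str]]], uid: str):
    """Mirror the search filter (&(objectClass=person)(uid=...)): return the entry or None."""
    for entry in entries:
        classes = {oc.lower() for oc in entry.get("objectClass", [])}
        if entry.get("uid") == [uid] and "person" in classes:
            return entry
    return None


# Constructed sample of what the ldapsearch from the post prints for the added user.
# slapd returns userPassword base64-encoded ('::') in its LDIF output.
_SALT = b"\x01\x02\x03\x04"
_B64_PW = base64.b64encode(ssha_hash("MyAlsoSecretPassword", _SALT).encode("ascii")).decode("ascii")
SAMPLE_SEARCH_OUTPUT = f"""# extended LDIF
#
# LDAPv3
# base <{USERS_OU}> with scope subtree
# filter: (&(objectClass=person)(uid=test))
# requesting: ALL
#

# test, users, example.com
dn: uid=test,{USERS_OU}
objectClass: inetOrgPerson
objectClass: person
givenName: Test
sn: User
mail: email@example.com
uid: test
userPassword:: {_B64_PW}
cn: Test User

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
"""

if __name__ == "__main__":
    print(user_ldif("test", "Test", "User", "email@example.com", "MyAlsoSecretPassword"))
    entry = find_user(parse_ldif(SAMPLE_SEARCH_OUTPUT), "test")
    print("found:", entry["dn"][0], "password ok:",
          ssha_verify("MyAlsoSecretPassword", entry["userPassword"][0]))
```

Write the printed LDIF to users.ldif and feed it to the ldapadd command above; the directory then only ever holds the salted hash. Against a live server, pipe the real ldapsearch output into parse_ldif instead of the constructed sample.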
Finally, I set my Foreman instance to authenticate against LDAP and spent the next two hours logging in and out of Foreman with my test user 😉