karatejb: [OpenLDAP] Create an OpenLDAP container

2019年7月22日星期一

[OpenLDAP] Create an OpenLDAP container

ASP.NET Core Identity Server 4 OpenLDAP

▌Introduction

We are going to create an OpenLDAP Authentication Server by Identity Server 4.

The architecture is as following.

This tutorial is focus on how to create an OpenLDAP container.

▋Related articles

01. [OpenLDAP] Create an OpenLDAP container

02. [ASP.NET Core] Identity Server 4 – Concepts

03. [ASP.NET Core] Identity Server 4 – LDAP authentication

04. [ASP.NET Core] Identity Server 4 – Secure Web API

05. [ASP.NET Core] Identity Server 4 – Custom Event Sink

06. [ASP.NET Core] Identity Server 4 – Refresh Token

07. [ASP.NET Core] Identity Server 4 – Role based authorization

08. [ASP.NET Core] Identity Server 4 – Policy based authorization

09. [ASP.NET Core] Identity Server 4 - Dockerize

10. [ASP.NET Core] Identity Server 4 – Client Credential

11. [ASP.NET Core] Identity Server 4 – Policy based authorization with custom Authorization Handler

12. [ASP.NET Core] Identity Server 4 – Signing credential

13. [ASP.NET Core] Identity Server 4 – Authenticate by multiple LDAP

14. [ASP.NET Core] Identity Server 4 – Cache and refresh Discovery document

15. [ASP.NET Core] Identity Server 4 – PKCE Authorization Code Flow

16. [ASP.NETCore] Identity Server 4 – PKCE Authorization Code Flow (Javascript client)

▌Environment

▋docker-openldap 1.2.4 (OpenLDAP 2.4.47)

▌Implement

▋Pull docker image and run the container

osixia/openldap: Docker Hub | Github

▋Pull

$ docker pull osixia/openldap:1.2.4

▋Standard OpenLDAP with user: admin/admin at domain: example.org

$ docker run -e -d -p 389:389 -p 636:636 --name <container_name> osixia/openldap:1.2.4

▋Specify the password for admin

$ docker run -e LDAP_ADMIN_PASSWORD="<new_password>" -d -p 389:389 -p 636:636 --name <container_name> osixia/openldap:1.2.4

▋Specify the domain

$ docker run -e LDAP_ORGANISATION="jb" --env LDAP_DOMAIN="jb.org" --env LDAP_ADMIN_PASSWORD="12qwaszx" -d -p 389:389 -p 636:636 --name <container_name> osixia/openldap:1.2.4

▋Search OU in Container

$ docker exec <container_name> ldapsearch -x -H ldap://localhost -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin

Result:

▋Manage OpenLDAP: LdapAdmin

Here is an example to create a new OU by LDAP tool: LdapAdmin.

First create a New connection,

Enter the following host settings. Notice that the Admin account is default:

Username: cn=admin,dc=example,dc=org

Password: admin

The LDAP shows after we connect to the host.

Right click on the DC and add a new User as below,

We can also set the password for the new user.

Now search the new user by

$ docker exec <container_name> ldapsearch -x -H ldap://localhost -b uid=jblin,dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin

Result:

▌Reference

▋Ldap + Identity Server Series ー Part I ー OpenLdap on docker container

沒有留言:

張貼留言

訂閱：張貼留言 (Atom)