
Panduan instalasi OpenLDAP pada Ubuntu 16.04 LTS

bawaan image

# Start the stock image in the background. No LDAP_* variables are set, so the
# container uses the example domain and admin password queried below.
# A tag can be re-pushed upstream; pin by digest
# (osixia/openldap@sha256:<digest-placeholder>) when reproducibility matters.
docker run \
  --detach \
  --name my-openldap-container \
  osixia/openldap:1.1.7

# Query the directory from inside the container with a simple bind (-x).
# "admin" is the default password: acceptable for a throwaway test, not for a
# container that anyone else can reach.
docker exec my-openldap-container \
  ldapsearch -x -h localhost \
    -D "cn=admin,dc=example,dc=org" -w admin \
    -b "dc=example,dc=org"

modifikasi domain

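# Custom organisation and domain. The admin password is prompted for instead of
# being written on the command line, so it stays out of shell history and the
# host's process list. It is still stored in the container's environment
# (readable through `docker inspect`), so restrict access to the Docker daemon.
read -r -s -p 'LDAP admin password: ' LDAP_ADMIN_PASSWORD && echo
export LDAP_ADMIN_PASSWORD

# --env with a bare variable name passes the value through from this shell.
docker run --name openldap \
  --env LDAP_ORGANISATION="PROXSIS" \
  --env LDAP_DOMAIN="ldap.proxsis.xyz" \
  --env LDAP_ADMIN_PASSWORD \
  --detach osixia/openldap:1.1.7
unset LDAP_ADMIN_PASSWORD

# -W makes ldapsearch prompt for the bind password rather than taking it as an
# argument; the prompt needs a terminal, hence --interactive --tty.
docker exec --interactive --tty openldap \
  ldapsearch -x -h localhost \
    -b "dc=ldap,dc=proxsis,dc=xyz" \
    -D "cn=admin,dc=ldap,dc=proxsis,dc=xyz" -W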

persistensi data

# Keep the directory database and the slapd configuration on the host so they
# survive removal of the container.
# The host directories then hold the directory contents (presumably including
# password hashes), so keep their permissions tight.
# The name "openldap" is also used by the previous step; Docker refuses a
# duplicate name, so remove that container first or choose another name.
docker run \
  --detach \
  --name openldap \
  --volume ~/mnt/ldap_data/slapd/database:/var/lib/ldap \
  --volume ~/mnt/ldap_data/slapd/config:/etc/ldap/slapd.d \
  osixia/openldap:1.1.7

menggunakan TLS bawaan

# Run in the foreground with a fixed container hostname and no certificate
# options, leaving TLS to the image's defaults.
# NOTE(review): the default certificate is presumably generated by the image
# for this hostname and is not signed by a CA that clients already trust.
# Confirm, and give clients the issuing CA rather than turning off certificate
# verification.
docker run \
  --hostname ldap.proxsis.xyz \
  osixia/openldap:1.1.7

menggunakan sertifikat kustom

# Serve TLS with your own certificate, key and CA certificate, read from the
# host directory mounted over the image's certs directory.
# The directory contains the server's private key: keep it readable only by
# the account that runs Docker.
# NOTE(review): earlier steps use ldap.proxsis.xyz while this one uses
# ldap.proxsis.com. The hostname has to match the name the certificate was
# issued for, so confirm which one is intended.
docker run \
  -h ldap.proxsis.com \
  -v ~/mnt/ldap_data/certs:/container/service/slapd/assets/certs \
  -e LDAP_TLS_CRT_FILENAME=ldap_server.pem \
  -e LDAP_TLS_KEY_FILENAME=ldap_server.key \
  -e LDAP_TLS_CA_CRT_FILENAME=ca_server.pem \
  osixia/openldap:1.1.7

replikasi ldap

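# Create the first LDAP server, keep its container id in LDAP_CID and look up
# its IP address.
LDAP_CID=$(docker run --hostname ldap.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.1.7)
LDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" "$LDAP_CID")

# Create the second LDAP server, keep its container id in LDAP2_CID and look up
# its IP address.
LDAP2_CID=$(docker run --hostname ldap2.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.1.7)
LDAP2_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" "$LDAP2_CID")

# Add the "ip hostname" pair to /etc/hosts in each container, because
# ldap.example.org and ldap2.example.org are fake hostnames.
# ${VAR:?} aborts the command when an address lookup came back empty, instead
# of appending a malformed line to /etc/hosts.
docker exec "$LDAP_CID" bash -c "echo ${LDAP2_IP:?second server has no IP address} ldap2.example.org >> /etc/hosts"
docker exec "$LDAP2_CID" bash -c "echo ${LDAP_IP:?first server has no IP address} ldap.example.org >> /etc/hosts"

# Add a test user on the first server. -ZZ requires StartTLS to succeed, so the
# simple bind is not sent in clear text between hosts.
# Both servers still use the default admin password "admin"; set your own
# before the containers are reachable by anyone else.
docker exec "$LDAP_CID" ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/new-user.ldif -h ldap.example.org -ZZ
# Check on the replica that the entry has arrived.
docker exec "$LDAP2_CID" ldapsearch -x -h ldap2.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin -ZZ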

debug

# Start a disposable container (--rm deletes it on exit) with the image's log
# level set to debug.
# NOTE(review): check whether debug output includes configuration values such
# as the admin password before sharing the log.
docker run --rm \
  osixia/openldap:1.1.7 \
  --loglevel debug

opsi perintah

# Print the image's own command-line options from a disposable container
# (--rm deletes it on exit).
docker run --rm \
  osixia/openldap:1.1.7 \
  --help