Skip to content
/ adldap-docker Public

Dockerized ApacheDS masquerading as Active Directory (AD) - for testing!

License

Apache-2.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rohitkoul/adldap-docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
data
data
 
 
test
test
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
entrypoint.sh
entrypoint.sh
 
 
extensions.ldif
extensions.ldif
 
 

Repository files navigation

Troll Active Directory (AD)

This is essentially an Apache Directory Server (ApacheDS) with some Active Directory (AD) specific attributes added to make it feel like AD ; done primarily for testing purposes.

References

Make Fu

A Makefile is provided for convenience, though a part of me considers it abusing Makefiles.

  1. Run make help to see various supported commands.
  2. For the uninitiated, make docker [img=<img> tag=<tag>] builds the image as <img>:<tag> (default rkoul/adldap-docker:1.0.0dev) and make run [img=<img> tag=<tag>] runs it.
  3. make runssl [img=<img> tag=<tag>] starts the TLS listener as well.

you may want to check out the help menu for more details

Docker Fu

Run

you can run it with the default data and config

   docker run -it --rm -p 127.0.0.1:10389:10389  rkoul/adldap-docker:1.0.1

Or pass your own users/groups ldif file via a bind mount (see attributes in data/records.ldif)

	docker run -v /tmp/data:/ldap/data \
	    -e LDAP_USER_LDIF=myusers.ldif \
		-e LDAP_ADMIN_PASSWORD=secret \
		-e LDAP_DEBUG=true \
		-it --rm -p 127.0.0.1:10389:10389  rkoul/adldap-docker:1.0.1

For LDAPS, you can add a java keystore file in the mounted dir. (see make keystore)

	docker run -v /tmp/data:/ldap/data \
	    -e LDAP_USER_LDIF=myusers.ldif \
		-e LDAP_ADMIN_PASSWORD=secret \
		-e LDAP_KEYSTORE=mykeystore.jks \
		-e LDAP_KEYSTORE_PASSWORD=mypass \
		-e LDAP_DEBUG=true \
		-it --rm -p 127.0.0.1:10636:10636 rkoul/adldap-docker:1.0.1

Local Build

if you make changes, you can clone this repo and build a new version as under:

docker build -t adldap:0.0.1 .

Sample dataset

  • default LDAP admin bind credentials are uid=admin,ou=system and whatever is passed as LDAP_ADMIN_PASSWORD
  • the rest of the sample data is in data/records.ldif (the schema gets created via extensions.ldif which you can completely replace with another bind mount on :/ldap/extensions.ldif)
  • user basedn = ou=users,dc=example,dc=com
  • groups basedn = ou=groups,dc=example,dc=com
  • user password = secret
cn full name uid mail groups
rohit Rohit Koul rkoul [email protected] piedpiper, trinity, threecommaclub
richard Richard Hendricks rhendricks [email protected] piedpiper, trinity
gilfoyle Bertram Gilfoyle bgilfoyle [email protected] piedpiper
erlich Erlich Bachman ebachman [email protected] piedpiper, aviato
jianyang Jian Yang jyang [email protected] piedpiper
gavin Gavin Belson gbelson [email protected] hooli
russ Russ Hanneman rhanneman [email protected] threecommaclub
bighead Nelson Bighetti bnelson [email protected] hooli
jared Donald Dunn jared [email protected] piedpiper, hooli
dinesh Dinesh Chugtai dchugtai [email protected] piedpiper
monica Monica Hall mhall [email protected] raviga
laurie Laurie Bream lbream [email protected] raviga
anton Anton Server anton [email protected] -

There are also users adminuser, testuser & groups admins and testers should you just care for generic ones. Use an LDAP browser and look at it.

About

Dockerized ApacheDS masquerading as Active Directory (AD) - for testing!

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Languages