From eff01c5406b29d4519b7afd96470f7f784c76d3e Mon Sep 17 00:00:00 2001
From: Gilles Mouchet
Date: Wed, 1 Jan 2025 17:51:34 +0100
Subject: [PATCH] =?UTF-8?q?replace=20values=20=E2=80=8B=E2=80=8Bwith=20var?= =?UTF-8?q?iables?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .openldap.env.dist | 2 ++
 README.md | 19 ++++++++++++++++---
 ldap-init.sh | 2 --
 reinit-ldap.sh | 6 ++----
 4 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/.openldap.env.dist b/.openldap.env.dist
index f386040..5251545 100644
--- a/.openldap.env.dist
+++ b/.openldap.env.dist
@@ -8,3 +8,5 @@ LDAP_TLS_CERT_FILE=/opt/bitnami/openldap/certs/gmolab.net.crt
 LDAP_TLS_KEY_FILE=/opt/bitnami/openldap/certs/gmolab.net.key
 LDAP_TLS_CA_FILE=/opt/bitnami/openldap/certs/gmolabCA.crt
 LDAP_SKIP_DEFAULT_TREE=yes
+# OpenLDAP server
+LDAP_SRV=ldaps://gmoadm.gmolab.net:1636
\ No newline at end of file
diff --git a/README.md b/README.md
index d8ba665..2f1ad04 100644
--- a/README.md
+++ b/README.md
@@ -54,15 +54,15 @@ ldapsearch -H ldaps://gmoadm.gmolab.net:1636 -x -D 'cn=Access LDAP,ou=people,dc=
 ```
 * Get Config
 ```bash
-docker exec ldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcDatabaseConfig)'"
+docker exec openldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcDatabaseConfig)'"
 ```
 * Get olcAccess
 ```bash
-docker exec ldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcDatabaseConfig)' olcAccess"
+docker exec openldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcDatabaseConfig)' olcAccess"
 ```
 * Get Modules
 ```bash
-docker exec ldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcModuleList)' "
+docker exec openldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(objectClass=olcModuleList)' "
 ```
 ## Sources
@@ -76,3 +76,16 @@ docker exec ldap /bin/bash -c "ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn
 ### v1.0 - 2024-12-29
 #### Added
 - initial version by [GMo](mailto:gilles.mouchet@gmail.com)
+
+
+dn: olcDatabase={-1}frontend,cn=config
+
+dn: olcDatabase={0}config,cn=config
+olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=1001,cn=peercred,cn=exter
+ nal,cn=auth" manage by * none
+
+dn: olcDatabase={1}monitor,cn=config
+olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external
+ , cn=auth" read by dn.base="cn=admin,dc=gmolab,dc=net" read by * none
+
+dn: olcDatabase={2}mdb,cn=config
\ No newline at end of file
diff --git a/ldap-init.sh b/ldap-init.sh
index c2b54a6..2a479c6 100755
--- a/ldap-init.sh
+++ b/ldap-init.sh
@@ -1,7 +1,5 @@
 #!/bin/bash
 source .openldap.env
-LDAP_SRV=ldaps://gmoadm.gmolab.net:1636
-#LDAP_SRV=ldap://gmoadm.gmolab.net:1389
 #echo "Delete from the box users"
 #ldapdelete -H $LDAP_SRV -w $LDAP_ADMIN_PASSWORD -D $LDAP_ADMIN_DN \
 # "cn=user01,ou=people,$LDAP_ROOT" \
diff --git a/reinit-ldap.sh b/reinit-ldap.sh
index ee2476b..f78b974 100755
--- a/reinit-ldap.sh
+++ b/reinit-ldap.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+source .openldap.env
 # DELETE ALL DIRECTORY DATA
 echo "You will DELETE ALL DATA from the directory!!"
 read -p "Are you sure? " -n 1 -r
@@ -10,8 +11,5 @@ if [[ $REPLY =~ ^[Yy]$ ]]; then
 docker compose up -d
 sleep 5
 ./ldap-init.sh
- ldapsearch -H ldaps://gmoadm.gmolab.net:1636 -x -D 'cn=Access LDAP,ou=people,dc=gmolab,dc=net' -b 'dc=gmolab,dc=net' -w pa55w0rd
- #ldapsearch -H ldap://gmoadm.gmolab.net -x -D 'cn=admin,dc=example,dc=org' -b 'dc=example,dc=org' -w adminpassword
- #ldapsearch -H ldap://gmoadm.gmolab.net:1389 -x -D 'cn=admin,dc=gmolab,dc=net' -b 'dc=gmolab,dc=net' -w pa55w0rd
-
+ ldapsearch -H ldaps://$LDAP_SRV -x -D "cn=Access LDAP,ou=people,$LDAP_ROOT" -b "$LDAP_ROOT" -w pa55w0rd
 fi
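Review bot: The added `source .openldap.env` at the top of reinit-ldap.sh is resolved against the caller's working directory and its result is never checked, so when the file is missing the script carries on and the later `ldapsearch` runs with empty `LDAP_SRV` and `LDAP_ROOT`. Because this script announces that it deletes all directory data, it should stop before the prompt when the settings cannot be loaded: `source .openldap.env || { echo "cannot load .openldap.env" >&2; exit 1; }`. Sourcing also executes the file as shell code, so `.openldap.env` should be writable only by the operator who runs the script. The rest of the script body lies outside this hunk.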
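Review bot: The new `ldapsearch` line passes `-H ldaps://$LDAP_SRV`, but `.openldap.env.dist` in this same commit sets `LDAP_SRV=ldaps://gmoadm.gmolab.net:1636`, so the URI carries the scheme twice and the post-reinit check cannot reach the server; the commented `ldapdelete` in ldap-init.sh uses `-H $LDAP_SRV` directly. The option should read `-H "$LDAP_SRV"`, quoted like the `-D` and `-b` arguments beside it. The bind password also remains the literal `-w pa55w0rd`, which stays in the repository history and is visible in the process list while the command runs; reading it from a file with `-y <password-file>` (placeholder path) or prompting with `-W` avoids both. The enclosing `if` block opens outside this hunk.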