A basic configuration of the OpenLDAP server, slapd, with support for data volumes.
This image will initialize a basic configuration of slapd. Most common schemas are preloaded (all the schemas that come preloaded with the default Ubuntu Precise install of slapd), but the only record added to the directory will be the root organisational unit.
You can (and should) configure the following by providing environment variables
to docker run
:
LDAP_DOMAIN
sets the LDAP root domain. (e.g. if you providefoo.bar.com
here, the root of your directory will bedc=foo,dc=bar,dc=com
)LDAP_ORGANISATION
sets the human-readable name for your organisation (e.g.Acme Widgets Inc.
)LDAP_ROOTPASS
sets the LDAP admin user password (i.e. the password forcn=admin,dc=example,dc=com
if your domain wasexample.com
)
Optionally, you can configure the following options:
SLAPD_NOFILE_SOFT
sets the open file softlimit to be (defaults to the system limit or 16,384, whichever is smaller)
For example, to start a container running slapd for the mycorp.com
domain,
with data stored in /data/ldap
and config in /data/ldapconfig
on the host,
use the following:
docker run -v /data/ldap:/var/lib/ldap \
-v /data/ldapconfig:/etc/ldap/slapd.d \
-e LDAP_DOMAIN=mycorp.com \
-e LDAP_ORGANISATION="My Mega Corporation" \
-e LDAP_ROOTPASS=s3cr3tpassw0rd \
-d nickstenning/slapd
You can find out which port the LDAP server is bound to on the host by running
docker ps
(or docker port <container_id> 389
). You could then load an LDIF
file (to set up your directory) like so:
ldapadd -h localhost -p <host_port> -c -x -D cn=admin,dc=mycorp,dc=com -W -f data.ldif
NB: Please be aware that by default docker will make the LDAP port accessible from anywhere if the host firewall is unconfigured.