The main idea of this playground is to provide an easy-to-use LDAP (Lightweight Directory Access Protocol) server for playing around with the technology.
The Apache Directory™ Project - We strive to increase LDAP awareness, comfort and adoption to bring forth what we call the Modern LDAP Renaissance.
Prerequisites
This playground requires a ready to use Docker Compose environment.
For the impatient...
Grab your copy of the playground datenkollektiv/ldap-playground, then run up.sh to build and bring up the environment.
Note: You'll need to prepare a keystore. Check the chapter Prepare a keystore below in case you need some guidance.
Your LDAP server is ready to go - check out the local server at ldap://localhost:389.
Deep dive
The main components you'll probably want to adapt to fine-tune your personal LDAP playground are:
- the Docker Compose configuration docker-compose.yaml, and
- the sample data initial-import.ldif
Prepare a keystore
The setup requires a keystore to be present in docker/etc for TLS.
Note: use changeit as password or update APACHEDS_TLS_KS_PWD in docker-compose.yaml accordingly.
The keystore should be named apacheds.jks and can be generated as follows (you'll need the Java keytool):
keytool -genkeypair -alias apacheds -keyalg RSA -validity 7 -keystore apacheds.jks
Copy the generated keystore into the directory docker/etc.
The configuration knobs
If unchanged, the LDAP server will be available via ldap://127.0.0.1:389 or simply ldap:// and ldaps:// from the Docker host.
Check the port mappings in the docker-compose.yaml in case you don't want to use the default ports.
The initial data will be inserted from docker/data/initial-import.ldif.
So this is the natural place in case you want to fiddle with the initial data set.
First contact
Note: You can verify the installation from the host system with
ldapsearch -H ldap:// -x -s base -b "" -LLL "+"
CLI example with ldapmodify
ldapmodify -H ldap:// -D "uid=admin,ou=system" -w apacheds -a -f ldif-examples/users.ldif
Note: The preconfigured admin password is apacheds and can be changed in the docker-compose.yaml if need be.
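A users.ldif for the ldapmodify call above could be generated as follows. This is an added example, not a file from the playground repository. The sample users, the inetOrgPerson object classes, an already existing ou=users,dc=example,dc=com entry, and storing userPassword as a salted {SSHA} hash instead of cleartext are all assumptions.

```python
import base64, hashlib, hmac, os, re

BASE_DN = "ou=users,dc=example,dc=com"  # subtree queried on this page; assumed to exist
# RFC 2849 SAFE-STRING: anything else must be written base64-encoded as "attr:: ..."
SAFE = re.compile(r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f][\x01-\x09\x0b\x0c\x0e-\x7f]*")
UID_OK = re.compile(r"[A-Za-z0-9._-]+")  # keeps DN metacharacters (comma, plus, equals) out of the RDN


def ssha(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt), the salted LDAP password format."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_matches(password, stored):
    """Recompute the hash with the stored salt, as a server does on a simple bind."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, the rest is the salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def ldif_line(attr, value):
    """Emit one attribute line, switching to base64 when the value is not LDIF-safe."""
    if SAFE.fullmatch(value) and not value.endswith(" "):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"


def user_entry(uid, cn, sn, password):
    """Build an inetOrgPerson entry below BASE_DN with a hashed userPassword."""
    if not UID_OK.fullmatch(uid):
        raise ValueError(f"unsafe uid for a DN: {uid!r}")
    attrs = [("dn", f"uid={uid},{BASE_DN}")]
    attrs += [("objectClass", oc) for oc in
              ("top", "person", "organizationalPerson", "inetOrgPerson")]
    attrs += [("uid", uid), ("cn", cn), ("sn", sn), ("userPassword", ssha(password))]
    return "\n".join(ldif_line(a, v) for a, v in attrs) + "\n"


if __name__ == "__main__":
    # Constructed sample users; redirect the output to ldif-examples/users.ldif
    users = [("jdoe", "John Doe", "Doe", "correct horse"),
             ("mmueller", "Max Müller", "Müller", "battery staple")]
    print("version: 1\n")
    print("\n".join(user_entry(*u) for u in users))
```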
CLI example with ldapsearch
Connect as uid=admin,ou=system and query the LDAP tree ou=users,dc=example,dc=com.
ldapsearch -H ldap:// -D "uid=admin,ou=system" -w apacheds -b "ou=users,dc=example,dc=com"
...
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
Connect with Apache Directory Studio™
Apache Directory Studio™ - The Eclipse-based LDAP browser and directory client
Download Apache Directory Studio from Apache Directory - Downloads
Create (and check) the connection as shown in the screenshots below.
New LDAP Connection - Network Parameter
New LDAP Connection - Authentication
If you made it this far - take the next step and clone the playground datenkollektiv/ldap-playground to get your hands dirty...
Acknowledgment - The docker-compose setup is heavily based on the Docker image provided by TremoloSecurity/apacheds
Photo by Patchanu Noree on Burst