Demo LDAP Configuration
Skip this part if you are using your own LDAP server or SAML2 auth.
Firstly, point the configuration file to the internal LDAP server:
[auth]
type: ldap
ldap_server: ldap://ldap.crackq.org
group: domain\Domain Users
Adding users using the demo LDAP server container:
Generate LDAP SHA hash:
sudo docker exec ldap.crackq.org slappasswd -h {SSHA} -s <new-password>
Copy one of the example LDIF files:
cp ./docker/openldap/bootstrap/crackq_user1.ldif ./docker/openldap/bootstrap/<user>.ldif
Then modify the file to use your chosen username and insert the SHA hash generated above.
Add the LDAP user from the LDIF file:
sudo docker exec ldap.crackq.org ldapadd -x -D 'cn=admin,dc=example,dc=org' -w <admin-password> -f /container/service/slapd/assets/config/bootstrap/ldif/custom/test.ldif -H ldap://localhost
Or to prompt for password:
sudo docker exec -it ldap.crackq.org ldapadd -x -D 'cn=admin,dc=example,dc=org' -W -f /container/service/slapd/assets/config/bootstrap/ldif/custom/test.ldif -H ldap://localhost
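What the {SSHA} value from the hash-generation step contains, and how it ends up in the user entry, as an added example that is not part of the CrackQ project. The function names are hypothetical and the entry layout in render_user_ldif is an assumption; keep the attributes from crackq_user1.ldif when editing the real file.

```python
import base64
import hashlib
import hmac
import os
import re

SCHEME = "{SSHA}"
SHA1_LEN = 20  # bytes in a SHA-1 digest; everything after it is the salt


def ssha_hash(password: str, salt: bytes = b"") -> str:
    """Return {SSHA} + base64(SHA1(password + salt) + salt)."""
    salt = salt or os.urandom(8)  # random salt unless one is supplied
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, value: str) -> bool:
    """Recompute the digest with the stored salt; compare in constant time."""
    if not value.startswith(SCHEME):
        return False
    try:
        raw = base64.b64decode(value[len(SCHEME):], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    if len(raw) <= SHA1_LEN:  # no salt present, so not a valid SSHA value
        return False
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, candidate)


def render_user_ldif(uid: str, hashed: str, base_dn: str = "dc=example,dc=org") -> str:
    """Build a user entry (assumed layout) that only accepts a hashed password."""
    if not re.fullmatch(r"[A-Za-z0-9._-]{1,64}", uid):
        raise ValueError("uid must not contain LDIF or DN metacharacters")
    if not hashed.startswith(SCHEME):
        raise ValueError("userPassword must be a {SSHA} value, not cleartext")
    lines = [f"dn: uid={uid},{base_dn}", "objectClass: inetOrgPerson",
             f"cn: {uid}", f"sn: {uid}", f"uid: {uid}", f"userPassword: {hashed}"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    import getpass  # prompt so the password never appears in shell history
    print(render_user_ldif("alice", ssha_hash(getpass.getpass("New password: "))))
```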
The default admin account is created when the container is initially run. The password for this account is set within the docker compose file (docker-compose.xxx.yml, where xxx is dependent on your driver setup). Don't forget to change this after the container is initialized. Also modify any of the other LDAP config options there as needed.
Just to reiterate, it is not recommended to use the demo LDAP server in production without further hardening. However, there is a task to do this on the project roadmap.