Demo LDAP Configuration

f0cker edited this page Jun 25, 2020 · 1 revision

Skip this part if you are using your own LDAP server or SAML2 auth.

Firstly, point the configuration file to the internal LDAP server:

[auth]
type: ldap
ldap_server: ldap://ldap.crackq.org
group: domain\Domain Users

Adding users using the demo LDAP server container:

Generate an LDAP SSHA (salted SHA-1) hash:

sudo docker exec ldap.crackq.org slappasswd -h {SSHA} -s <new-password>

Copy one of the example LDIF files:

cp ./docker/openldap/bootstrap/crackq_user1.ldif ./docker/openldap/bootstrap/<user>.ldif

Then modify the file to use your chosen username and insert the SSHA hash generated above.

Add the LDAP user from the LDIF file:

sudo docker exec ldap.crackq.org ldapadd -x -D 'cn=admin,dc=example,dc=org' -w <admin-password> -f /container/service/slapd/assets/config/bootstrap/ldif/custom/test.ldif -H ldap://localhost

Or, to prompt for the password instead (docker exec needs -it so that the prompt has a terminal to read from):

sudo docker exec -it ldap.crackq.org ldapadd -x -D 'cn=admin,dc=example,dc=org' -W -f /container/service/slapd/assets/config/bootstrap/ldif/custom/test.ldif -H ldap://localhost

The default admin account is created when the container is first run. The password for this account is set in the docker compose file (docker-compose.xxx.yml, where xxx is dependent on your driver setup). Don't forget to change this after the container is initialized. Also modify any of the other LDAP config options there as needed.

Just to reiterate, it is not recommended to use the demo LDAP server in production without further hardening. However, there is a task to do this on the project roadmap.