ldap 1. 설치 (도커)
ldap
docker-compose.yml
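# Local lab stack: an OpenLDAP server plus the phpLDAPadmin web UI on a
# private bridge network. Nesting is restored here; the flattened listing
# is not loadable by Compose as printed.
version: "3.8"

services:
  openldap:
    # NOTE(review): ":latest" is a moving tag. Pin a specific release tag or
    # image digest so a later pull cannot silently swap the image.
    image: osixia/openldap:latest
    container_name: openldap
    ports:
      # Published on loopback only. With the placeholder credentials below,
      # binding to every host interface would hand out admin access to the
      # whole network. phpldapadmin reaches this service over the "openldap"
      # network and does not need these mappings at all.
      # 389 is plaintext LDAP (bind passwords travel in the clear);
      # 636 is LDAPS. Widen the bind address only after changing passwords.
      - "127.0.0.1:389:389"
      - "127.0.0.1:636:636"
    volumes:
      # ./data/certificates holds the TLS private key named below. Keep
      # ./data out of version control and readable only by its owner.
      - ./data/certificates:/container/service/slapd/assets/certs
      - ./data/slapd/database:/var/lib/ldap
      - ./data/slapd/config:/etc/ldap/slapd.d
    environment:
      # 256 is the OpenLDAP "stats" level (connections, operations, results).
      LDAP_LOG_LEVEL: "256"
      # Left without a value, as in the original listing: Compose then takes
      # the value from the shell it is run in, and leaves the variable unset
      # in the container when the shell has none.
      LDAP_ORGANISATION:
      LDAP_DOMAIN: "example.com"
      LDAP_ADMIN_USERNAME: "admin"
      # Lab-only placeholder passwords (admin, config and read-only bind).
      # Replace all three before anything other than this host can reach the
      # directory, and supply them from an untracked .env file or a secret
      # store rather than committing them.
      # NOTE(review): presumably these are applied only when the database
      # volume is first initialised - confirm before relying on an edit here
      # to rotate a password on an existing ./data directory.
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_BASE_DN: "dc=example,dc=com"
      # File names expected inside the mounted certificates directory.
      LDAP_TLS_CRT_FILENAME: "ldap.crt"
      LDAP_TLS_KEY_FILENAME: "ldap.key"
      LDAP_TLS_CA_CRT_FILENAME: "example.com.ca.crt"
      LDAP_READONLY_USER: "true"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
    networks:
      - openldap

  phpldapadmin:
    # NOTE(review): pin this image as well (see openldap above).
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
    ports:
      # Loopback only: the UI is served over plain HTTP (HTTPS disabled
      # below), so the admin DN and password are sent unencrypted.
      - "127.0.0.1:28080:80"
    environment:
      # Resolved through the shared "openldap" network by service name.
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    depends_on:
      - openldap
    networks:
      - openldap

networks:
  openldap:
    driver: bridge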
실행
# Run from the directory that holds docker-compose.yml; -d starts the containers in the background.
docker-compose up -d
접속
http://localhost:28080
- Login DN: cn=admin,dc=example,dc=com
- Password: admin (compose 파일의 LDAP_ADMIN_PASSWORD 값이다. 실습용 기본값이므로 로컬 테스트 외의 환경에서는 다른 값으로 바꿔서 사용한다.)
주요용어
CN (Common Name)
- 사용자 이름. 쉽게 말해 id 정도로 생각하면 된다.
DC (Domain Component)
- 도메인 (순서가 중요하다.)
- 예를 들어 example.com 을 dc=example,dc=com 으로 표현할 수 있다. (인터넷 도메인과 같은 형식이지만 실제 도메인과 연동되는 것은 아니다. 서로 별개다.)
OU (Organizational Unit)
- 그냥 그룹 정도로 생각하면 된다.