LDAP 1. Installation (Docker)
ldap

docker-compose.yml

version: "3.8"

services:
  openldap:
    image: osixia/openldap:latest
    container_name: openldap
    ports:
      - "389:389"   # LDAP (plaintext / StartTLS)
      - "636:636"   # LDAPS (LDAP over TLS)
    volumes:
      - ./data/certificates:/container/service/slapd/assets/certs
      - ./data/slapd/database:/var/lib/ldap
      - ./data/slapd/config:/etc/ldap/slapd.d
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION:
      LDAP_DOMAIN: "example.com"
      LDAP_ADMIN_USERNAME: "admin"
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_BASE_DN: "dc=example,dc=com"
      LDAP_TLS_CRT_FILENAME: "ldap.crt"
      LDAP_TLS_KEY_FILENAME: "ldap.key"
      LDAP_TLS_CA_CRT_FILENAME: "example.com.ca.crt"
      LDAP_READONLY_USER: "true"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
    networks:
      - openldap

  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
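    ports:
      - "28080:80"   # web UI published on host port 28080
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"   # service name of the LDAP container above
      PHPLDAPADMIN_HTTPS: "false"           # serve the UI over plain HTTP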
    depends_on:
      - openldap
    networks:
      - openldap

networks:
  openldap:
    driver: bridge

Run

docker-compose up -d

Access

http://localhost:28080

  • Login DN: cn=admin,dc=example,dc=com
  • Password: admin

ldap

Key terms

CN (Common Name)

  • The user name; think of it simply as an ID.

DC (Domain Component)

  • The domain (order matters).
  • For example, example.com can be written as dc=example,dc=com. (It uses the same format as an Internet domain name, but the two are not linked; they are separate.)

OU (Organizational Unit)

  • Think of it simply as a group.