Docker OpenLDAP + phpldapadmin example

Start

docker-compose up -d

Query

 docker exec openldap ldapsearch -x -H ldap://localhost -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin

docker-compose.yml

version: '2'
services:
  openldap:
    image: osixia/openldap:1.2.3
    container_name: openldap
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "Example Inc."
      LDAP_DOMAIN: "example.org"
      LDAP_BASE_DN: ""
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_READONLY_USER: "false"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "true"
      LDAP_TLS_CRT_FILENAME: "ldap.crt"
      LDAP_TLS_KEY_FILENAME: "ldap.key"
      LDAP_TLS_CA_CRT_FILENAME: "ca.crt"
      LDAP_TLS_ENFORCE: "false"
      LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
      LDAP_TLS_PROTOCOL_MIN: "3.1"
      LDAP_TLS_VERIFY_CLIENT: "demand"
      LDAP_REPLICATION: "false"
      #LDAP_REPLICATION_CONFIG_SYNCPROV: "binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical"
      #LDAP_REPLICATION_DB_SYNCPROV: "binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical"
      #LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
      LDAP_SSL_HELPER_PREFIX: "ldap"
    tty: true
    stdin_open: true
    volumes:
      - /var/lib/ldap
      - /etc/ldap/slapd.d
      - /container/service/slapd/assets/certs/
    ports:
      - "389:389"
      - "636:636"
    domainname: "example.org" # important: same as hostname
    hostname: "example.org"
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "8080:80"
    depends_on:
      - openldap
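
The compose file above keeps settings that suit a local demo but are risky anywhere else: example passwords, TLS that is not enforced, plain-HTTP phpldapadmin, and ports published on every host interface. As an added example (not part of the original gist), the following Python check flags those settings before the stack is started. The names `audit_compose` and `SAMPLE` and the rule set are assumptions made for this example; it expects 2-space indentation and mapping-style `environment:` entries.

```python
import re

# Constructed sample: security-relevant lines modelled on the compose file above.
SAMPLE = """\
services:
  openldap:
    environment:
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_READONLY_USER: "false"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_TLS_ENFORCE: "false"
    ports:
      - "389:389"
  phpldapadmin:
    environment:
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "8080:80"
"""

WEAK = {"", "admin", "config", "readonly"}  # passwords shown in this page's examples
SVC = re.compile(r'^ {2}([\w.-]+):\s*$')  # assumes 2-space indentation
ENV = re.compile(r'^\s+([A-Z][A-Z0-9_]*):\s*"?([^"]*)"?\s*$')
PORT = re.compile(r'^\s+-\s*"?(\d[\d.:]*)"?\s*$')
TRANSPORT = ("LDAP_TLS", "LDAP_TLS_ENFORCE", "PHPLDAPADMIN_HTTPS")

def audit_compose(text):
    """Return (service, finding) tuples for risky settings in a compose file."""
    svcs, cur = {}, None
    for line in text.splitlines():
        if m := SVC.match(line):
            cur = svcs.setdefault(m.group(1), {"env": {}, "ports": []})
        elif cur is not None and (m := ENV.match(line)):
            cur["env"][m.group(1)] = m.group(2).strip()
        elif cur is not None and (m := PORT.match(line)):
            cur["ports"].append(m.group(1))
    out = []
    for name, svc in svcs.items():
        env = svc["env"]
        ro_off = env.get("LDAP_READONLY_USER") != "true"
        for key, val in env.items():
            unused = ro_off and key.startswith("LDAP_READONLY_USER_")
            if key.endswith("_PASSWORD") and val.lower() in WEAK and not unused:
                out.append((name, f"{key} uses a published default"))
            if key in TRANSPORT and val == "false":
                out.append((name, f"{key} is disabled"))
        out += [(name, f"port {p} published on all host interfaces")
                for p in svc["ports"] if p.count(":") == 1]
    return out
```

Publishing a port with an explicit bind address, for example `"127.0.0.1:389:389"`, clears the port finding for that entry.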

Mohan-CB commented Aug 10, 2019

very niche 👍

societyblind commented Jan 14, 2020

hostname: "example.org" | line causes container setup to fail with "slapd failed with status 1".
ubuntu 19.04, docker-ce 5:19.03.33-0ubuntu-disco , docker-compose 1.21.03

societyblind commented Jan 16, 2020

> hostname: "example.org" | line causes container setup to fail with "slapd failed with status 1".
> ubuntu 19.04, docker-ce 5:19.03.33-0ubuntu-disco , docker-compose 1.21.03

I eventually got it working by moving the hostname and domainname values to the top of the config and not having them as the same value as in the comment in the original yaml posted above. I'm still not sure why this was an issue:

version: '2'
services:
  openldap:
    image: osixia/openldap:latest
    container_name: openldap
    domainname: "example.org"
    hostname: "openldap"
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "Example Inc."
      LDAP_DOMAIN: "example.org"
      LDAP_BASE_DN: "dc=example,dc=org"
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_READONLY_USER: "false"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "true"
      LDAP_TLS_CRT_FILENAME: "ldap.crt"
      LDAP_TLS_KEY_FILENAME: "ldap.key"
      LDAP_TLS_CA_CRT_FILENAME: "ca.crt"
      LDAP_TLS_ENFORCE: "false"
      LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
      LDAP_TLS_PROTOCOL_MIN: "3.1"
      LDAP_TLS_VERIFY_CLIENT: "demand"
      LDAP_REPLICATION: "false"
      #LDAP_REPLICATION_CONFIG_SYNCPROV: "binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical"
      #LDAP_REPLICATION_DB_SYNCPROV: "binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical"
      #LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
      LDAP_SSL_HELPER_PREFIX: "ldap"
    tty: true
    stdin_open: true
    volumes:
      - /var/lib/ldap
      - /etc/ldap/slapd.d
      - /container/service/slapd/assets/certs/
    ports:
      - "389:389"
      - "636:636"
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "8080:80"
    depends_on:
      - openldap

Note: this does not properly set the FQDN of the openldap container. Curiously, if you add values for the hostname and domainname under container_name of the phpldapadmin container config, it does properly set the FQDN of that container.

parsifalzgz commented Jan 25, 2020

The website works but I cannot log in to the ldapadmin website.
Using "example.com:8080" and
Login:cn=admin,dc=example,dc=org

Password:"admin"

Any idea?

shamal commented Feb 13, 2020

> The website works but I cannot log in to the ldapadmin website.
> Using "example.com:8080" and
> Login:cn=admin,dc=example,dc=org
>
> Password:"admin"
>
> Any idea?

Yes. This is the format.

abc007xyz commented Mar 14, 2020

Hello,
Can you help me?
When I launch the page localhost:8080 in Firefox, I have the message:
Forbidden
You don't have permission to access this resource.
Thanks in advance.

nthung82 commented May 2, 2020

docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.8
docker run --name phpldapadmin-service --hostname phpldapadmin-service -p 6443:443 --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.9.0

Login:

Username: "cn=admin,dc=example,dc=org"
Password: "admin"

samusinho commented May 3, 2020

Hi.
I'm trying to log in with

Username: cn=admin,dc=example,dc=org
Password: admin

ldaplogin

but LDAP always shows "user or password incorrect".

Thanks for your help

mettacrawler commented May 22, 2020

The osixia/openldap repo comes with a sample docker-compose.yml file
https://github.com/osixia/docker-openldap/blob/stable/example/docker-compose.yml

stwaidele commented Aug 8, 2020

I also had the login issue. Root cause was that the openldap container failed and stopped immediately, throwing error messages that led to some really old bug reports.

The issue was resolved when I changed the line
image: osixia/openldap:1.2.3
to
image: osixia/openldap:latest

I'd suggest changing the example accordingly.
