docker-openldap

Read only bind user

Open pwFoo opened this issue 4 years ago • 4 comments

Opened the issue with my question at https://github.com/osixia/docker-phpLDAPadmin/issues/85, but I think it's related to docker-openldap:

I need one or, even better, a custom number of read-only bind user(s).

  1. How to create a read-only bind user with docker-openldap / docker-phpLDAPadmin?
  2. Is that the use case of LDAP_READONLY_USER*?
     - LDAP_READONLY_USER
     - LDAP_READONLY_USER_USERNAME
     - LDAP_READONLY_USER_PASSWORD
  3. Is the LDAP_READONLY_USER managed by phpldapadmin and how to create / duplicate such a user or change password?

I deployed an openldap and it looks like I need to redeploy and configure the whole openldap to create a LDAP_READONLY_USER, so it would be good to know if that is what I need for my use case or how to create such a bind user with RO permissions in the phpldapadmin UI.

pwFoo, Feb 06 '21 06:02

In my setup I have the following environment variables set to enable the read-only user:

      - LDAP_READONLY_USER_PASSWORD=${LDAP_READONLY_USER_PASSWORD}
      - LDAP_READONLY_USER=true

fbartels, Feb 12 '21 08:02

Hi @fbartels, do I need to delete all existing data and redeploy or just change the ENV VARS and update my docker stack? And the LDAP_READONLY_USER works as bind user? Don't know which permissions are needed to be used as ldap bind user...

pwFoo, Feb 14 '21 18:02

Not quite sure (I did not look at the code), but it may be that this is only applied when initially starting the container with an empty data directory.

fbartels, Feb 15 '21 07:02

Just to confirm that, to have some effect, you have to completely redeploy the environment.

christiansicari, Aug 05 '22 13:08