
Do not see any search results

Open siddjain opened this issue 5 years ago • 8 comments

We don't see any search results using this image. Here is what we did:

  1. Started the server by running the following command:
docker run -p 636:636 -p 389:389 --name jnj-ldap-server --env BACKEND=mdb --env ENABLE_TLS=false --env BASE_DN=dc=jnj,dc=com --env TLS_VERIFY_CLIENT=never --env TLS_ENFORCE=false --env HOSTNAME=localhost --env DOMAIN=jnj.com --env ADMIN_PASS=superman --env CONFIG_PASS=spiderman --env 'ORGANIZATION=Johnson & Johnson' --env LOG_LEVEL=1 --log-opt max-file=3 --log-opt max-size=10m --detach tiredofit/openldap
  2. Make a query by running the following commands:
$ export BASE_DN=dc=jnj,dc=com
$ export ADMIN_PASS=superman
$ ldapsearch -x -h localhost -p 389 -b $BASE_DN -D "cn=admin,dc=jnj,dc=com" -w $ADMIN_PASS

Expected: Result for the admin user

Observed:

# extended LDIF
#
# LDAPv3
# base <dc=jnj,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1

Server log can be found here. Is there something wrong that we are doing?

siddjain, Apr 26 '19 16:04

I get the results of 11,000+ records with your command so I'm not sure what could be happening there. You might not see your admin account listed as it may be sitting in db0 (config). Have you tried adding any normal users yet?

Try this for an example https://www.thegeekstuff.com/2015/02/openldap-add-users-groups/

tiredofit, Apr 26 '19 16:04

Tried adding normal users but it complains as it cannot find any entry for the base DN.

First we created a file

WITSC02X6385JGH:docker-openldap sjain68$ cat adam.ldif
dn: uid=adam,dc=jnj,dc=com
objectClass: inetOrgPerson
mail: [email protected]
uid: adam
cn: adam
sn: adam
userPassword: {SSHA}x

Then we tried to add:

$ ldapadd -x -h localhost -p 389 -D "cn=admin,dc=jnj,dc=com" -w $ADMIN_PASS -f adam.ldif
adding new entry "uid=adam,dc=jnj,dc=com"
ldap_add: No such object (32)

In server logs we see this:

5cc33685 mdb_dn2entry("uid=adam,dc=jnj,dc=com")
5cc33685 => mdb_dn2id("uid=adam,dc=jnj,dc=com")
5cc33685 <= mdb_dn2id: get failed: MDB_NOTFOUND: No matching key/data pair found (-30798)
5cc33685 mdb_add: parent does not exist
5cc33685 send_ldap_result: conn=1005 op=1 p=3
5cc33685 send_ldap_response: msgid=2 tag=105 err=32

So there isn't any base entry created in the database. Shouldn't the docker command be creating a base entry in the database?

siddjain, Apr 26 '19 16:04

Yes, it should. You might have uncovered a bug here. Can I get you to just do a quick test with starting with fresh folders and try my tiredofit/openldap-fusiondirectory image instead? It should work without the companion front end. If you see different results then something might have changed along the way. This is the first I have seen this however.

tiredofit, Apr 26 '19 17:04

We did not try that image, but we confirm that there wasn't any base entry in the database, i.e., the LDAP tree was empty. Once we added a root node (the base entry), our search started giving back results.

siddjain, Apr 26 '19 18:04

Great, can you share that LDIF and I will wrap it in?

tiredofit, Apr 26 '19 18:04

Sure. This is the minimal LDIF to create a base entry:

$ cat basedn.ldif 
dn: dc=uber,dc=com
dc: uber
o: Uber
objectclass: organization
objectclass: dcObject

and we added it to the database by running:

$ ldapadd -x -h localhost -p 389 -D "cn=admin,dc=uber,dc=com" -w $ADMIN_PASS -f basedn.ldif

siddjain, Apr 26 '19 18:04
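The failure mode discussed in this thread (ldapsearch and ldapadd both returning result 32 because the base entry was never created) and the minimal LDIF above, combined into an idempotent bootstrap check. This is an added example, not code from the thread or from the tiredofit/openldap image; it assumes the admin DN is cn=admin under BASE_DN, as in the commands above, and that the first RDN of BASE_DN is a dc= component.

```shell
#!/bin/sh
# Added example: create the base entry for BASE_DN only when the server
# reports noSuchObject (32) for it, so re-running the script is harmless.
set -eu

# Print the minimal base-entry LDIF. $1 = base DN (e.g. dc=jnj,dc=com),
# $2 = organization name. Mirrors the dcObject/organization entry from the thread.
base_ldif() {
    base_dn=$1
    org=$2
    rdn=${base_dn%%,*}            # first RDN, e.g. dc=jnj
    case $rdn in
        dc=*) ;;
        *) echo "base DN must start with dc=: $base_dn" >&2; return 1 ;;
    esac
    printf 'dn: %s\ndc: %s\no: %s\nobjectClass: organization\nobjectClass: dcObject\n' \
        "$base_dn" "${rdn#dc=}" "$org"
}

# Return 0 if the base entry is missing (ldapsearch exits with the LDAP result
# code, so 32 = noSuchObject), 1 if it exists; abort on any other failure
# (bad credentials, unreachable host) instead of silently trying to add.
base_missing() {
    uri=$1; base_dn=$2; bind_dn=$3; bind_pw=$4
    set +e
    ldapsearch -x -H "$uri" -b "$base_dn" -D "$bind_dn" -w "$bind_pw" \
        -s base '(objectClass=*)' dn >/dev/null 2>&1
    rc=$?
    set -e
    case $rc in
        32) return 0 ;;
        0)  return 1 ;;
        *)  echo "ldapsearch failed with status $rc" >&2; exit "$rc" ;;
    esac
}

# Usage: ensure_base_dn ldap://localhost:389 dc=jnj,dc=com 'Johnson & Johnson' "$ADMIN_PASS"
ensure_base_dn() {
    uri=$1; base_dn=$2; org=$3; admin_pass=$4
    admin_dn="cn=admin,$base_dn"    # assumption: admin lives directly under the base DN
    if base_missing "$uri" "$base_dn" "$admin_dn" "$admin_pass"; then
        base_ldif "$base_dn" "$org" | ldapadd -x -H "$uri" -D "$admin_dn" -w "$admin_pass"
    else
        echo "base entry $base_dn already present, nothing to do" >&2
    fi
}
```

Note that the check binds as the admin user, so a wrong ADMIN_PASS shows up as a bind failure (49) rather than being mistaken for a missing base entry.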

Thanks! How I've missed this is beyond me, but there have been many iterations of this image over the years and I may have missed one. I hope you have success going forward with this!

tiredofit, Apr 26 '19 18:04

Sure. This is the minimal LDIF to create a base entry:

$ cat basedn.ldif 
dn: dc=uber,dc=com
dc: uber
o: Uber
objectclass: organization
objectclass: dcObject

and we added it to the database by running:

$ ldapadd -x -h localhost -p 389 -D "cn=admin,dc=uber,dc=com" -w $ADMIN_PASS -f basedn.ldif

This resolved the binding issue I have been experiencing, thanks!

nickadams675, Jun 03 '19 17:06