LDAP

Running LDAP with Docker

hwanguu 2024. 10. 6. 15:04

Running Docker

 

docker run --rm -v C:/Users/user/Documents/study/ldap:/home -p 389:389 -p 636:636 --name ldap --env LDAP_ORGANISATION="My Company" --env LDAP_DOMAIN="company.com" --env LDAP_ADMIN_PASSWORD="admin" --detach osixia/openldap:1.5.0

 

--env LDAP_ORGANISATION="My Company" : sets the initial organisation name

--env LDAP_DOMAIN="company.com" : sets the initial base DN

--env LDAP_ADMIN_PASSWORD="admin" : sets the initial administrator password

-v C:/Users/user/Documents/study/ldap:/home mounts the host directory into the container so that the initial data can be loaded.

I created bootstrap.ldif in C:/Users/user/Documents/study/ldap and saved the data below in it.

 

# Organization Entry: ACompany
dn: o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organization
o: ACompany

# Organizational Unit: Enter Department
dn: ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Enter

# Organizational Unit: People in Enter Department
dn: ou=People,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People

# User Entry: Ava in Enter Department
dn: cn=Ava,ou=People,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Ava
sn: Smith
uid: ava.enter
mail: ava.smith@company.com
telephoneNumber: +1 234 567 8901
title: Manager
userPassword: {SHA}abc123def456
description: Team lead for Enter department

# User Entry: Mia in Enter Department
dn: cn=Mia,ou=People,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Mia
sn: Johnson
uid: mia.enter
mail: mia.johnson@company.com
telephoneNumber: +1 234 567 8902
title: Developer
userPassword: {SHA}xyz789ghi012
description: Software developer in Enter department

# User Entry: Zoe in Enter Department
dn: cn=Zoe,ou=People,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Zoe
sn: Brown
uid: zoe.enter
mail: zoe.brown@company.com
telephoneNumber: +1 234 567 8903
title: Designer
userPassword: {SHA}mno456pqr789
description: UX/UI Designer for Enter department

# Organizational Unit: Groups in Enter Department
dn: ou=Groups,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups

# Group Entries in Enter Department
dn: cn=Admins,ou=Groups,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Admins
member: cn=Ava,ou=People,ou=Enter,o=ACompany,dc=company,dc=com

dn: cn=Users,ou=Groups,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Users
member: cn=Mia,ou=People,ou=Enter,o=ACompany,dc=company,dc=com

dn: cn=ContractWorker,ou=Groups,ou=Enter,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: ContractWorker
member: cn=Zoe,ou=People,ou=Enter,o=ACompany,dc=company,dc=com

# Organizational Unit: Bank Department in ACompany
dn: ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Bank

# Organizational Unit: People in Bank Department
dn: ou=People,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People

# User Entries in Bank Department
dn: cn=Lily,ou=People,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Lily
sn: Taylor
uid: lily.bank
mail: lily.taylor@company.com
telephoneNumber: +1 345 678 9012
title: Analyst
userPassword: {SHA}ghi456jkl123
description: Financial analyst in Bank department

dn: cn=Emma,ou=People,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Emma
sn: Lee
uid: emma.bank
mail: emma.lee@company.com
telephoneNumber: +1 345 678 9013
title: Accountant
userPassword: {SHA}rst123uvw456
description: Accountant in Bank department

dn: cn=Nora,ou=People,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Nora
sn: Wilson
uid: nora.bank
mail: nora.wilson@company.com
telephoneNumber: +1 345 678 9014
title: Clerk
userPassword: {SHA}xyz123abc456
description: Clerk in Bank department

# Organizational Unit: Groups in Bank Department
dn: ou=Groups,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups

# Group Entries in Bank Department
dn: cn=Admins,ou=Groups,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Admins
member: cn=Lily,ou=People,ou=Bank,o=ACompany,dc=company,dc=com

dn: cn=Users,ou=Groups,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Users
member: cn=Emma,ou=People,ou=Bank,o=ACompany,dc=company,dc=com

dn: cn=ContractWorker,ou=Groups,ou=Bank,o=ACompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: ContractWorker
member: cn=Nora,ou=People,ou=Bank,o=ACompany,dc=company,dc=com

# Organization Entry: BCompany
dn: o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organization
o: BCompany

# Organizational Unit: Map Department in BCompany
dn: ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Map

# Organizational Unit: People in Map Department
dn: ou=People,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People

# User Entries in Map Department
dn: cn=Leah,ou=People,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Leah
sn: Parker
uid: leah.map
mail: leah.parker@company.com
telephoneNumber: +1 456 789 0123
title: Manager
userPassword: {SHA}abc456ghi789
description: Manager of Map department

dn: cn=June,ou=People,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: June
sn: Wright
uid: june.map
mail: june.wright@company.com
telephoneNumber: +1 456 789 0124
title: Engineer
userPassword: {SHA}ghi012mno456
description: Software engineer in Map department

dn: cn=Ella,ou=People,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Ella
sn: Scott
uid: ella.map
mail: ella.scott@company.com
telephoneNumber: +1 456 789 0125
title: Analyst
userPassword: {SHA}uvw123rst789
description: Data analyst in Map department

# Organizational Unit: Groups in Map Department
dn: ou=Groups,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups

# Group Entries in Map Department
dn: cn=Admins,ou=Groups,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Admins
member: cn=Leah,ou=People,ou=Map,o=BCompany,dc=company,dc=com

dn: cn=Users,ou=Groups,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Users
member: cn=June,ou=People,ou=Map,o=BCompany,dc=company,dc=com

dn: cn=ContractWorker,ou=Groups,ou=Map,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: ContractWorker
member: cn=Ella,ou=People,ou=Map,o=BCompany,dc=company,dc=com

# Organizational Unit: Music Department in BCompany
dn: ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Music

# Organizational Unit: People in Music Department
dn: ou=People,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People

# User Entries in Music Department
dn: cn=Kate,ou=People,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Kate
sn: Morris
uid: kate.music
mail: kate.morris@company.com
telephoneNumber: +1 567 890 1234
title: Singer
userPassword: {SHA}abc789xyz456
description: Lead singer in Music department

dn: cn=Jade,ou=People,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Jade
sn: Adams
uid: jade.music
mail: jade.adams@company.com
telephoneNumber: +1 567 890 1235
title: Composer
userPassword: {SHA}def123ghi456
description: Music composer in Music department

dn: cn=Ivy,ou=People,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Ivy
sn: Carter
uid: ivy.music
mail: ivy.carter@company.com
telephoneNumber: +1 567 890 1236
title: Musician
userPassword: {SHA}jkl456mno123
description: Instrumental musician in Music department

# Organizational Unit: Groups in Music Department
dn: ou=Groups,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups

# Group Entries in Music Department
dn: cn=Admins,ou=Groups,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Admins
member: cn=Kate,ou=People,ou=Music,o=BCompany,dc=company,dc=com

dn: cn=Users,ou=Groups,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: Users
member: cn=Jade,ou=People,ou=Music,o=BCompany,dc=company,dc=com

dn: cn=ContractWorker,ou=Groups,ou=Music,o=BCompany,dc=company,dc=com
objectClass: top
objectClass: groupOfNames
cn: ContractWorker
member: cn=Ivy,ou=People,ou=Music,o=BCompany,dc=company,dc=com

 

After starting the container, connect to it with the following command:

docker exec -it ldap /bin/bash

Then move to the /home directory, where the bootstrap.ldif file is located:

cd /home

 

ldapadd -x -D "cn=admin,dc=company,dc=com" -w admin -f bootstrap.ldif

This command loads the initial data into LDAP.

 

ldapsearch -x -D "cn=admin,dc=company,dc=com" -w admin -b "dc=company,dc=com" -s sub "(objectClass=inetOrgPerson)"

The command above confirms that all users were stored correctly.

 

ldapsearch -x -D "cn=admin,dc=company,dc=com" -w admin -LLL -b "dc=company,dc=com" dn

This query lists every DN.
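
The userPassword values in bootstrap.ldif above are placeholders: {SHA}abc123def456 decodes to 9 bytes, not a 20-byte SHA-1 digest, and the {SHA} scheme is unsalted in any case. The following Python is an added example, not part of the original post; it flags such values in an LDIF file and builds a salted {SSHA} value to replace them (the function names, the cn=Demo entry and its password are made up for illustration).

```python
import base64
import binascii
import hashlib
import os

SHA1_LEN = 20  # a SHA-1 digest is always 20 bytes

def make_ssha(password, salt=None):
    """Build {SSHA}: base64(SHA1(password + salt) + salt), salt appended to the digest."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def decode(stored):
    """Split '{SCHEME}base64' into (SCHEME, raw bytes); raw is None if undecodable."""
    scheme, _, b64 = stored.partition("}")
    try:
        return scheme.lstrip("{").upper(), base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return scheme.lstrip("{").upper(), None

def lint_ldif(text):
    """Return (dn, problem) for each cleartext, unsalted or malformed userPassword."""
    findings, dn = [], None
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.lower() == "dn":
            dn = value.strip()
        elif key.lower() == "userpassword":
            if value.startswith(":"):  # "userPassword:: ..." wraps the value in base64
                value = base64.b64decode(value[1:].strip()).decode()
            value = value.strip()
            scheme, raw = decode(value)
            size = 0 if raw is None else len(raw)  # undecodable counts as 0 bytes
            if not value.startswith("{"):
                findings.append((dn, "cleartext value"))
            elif scheme == "SHA" and size == SHA1_LEN:
                findings.append((dn, "unsalted {SHA} digest"))
            elif scheme == "SHA" or (scheme == "SSHA" and size <= SHA1_LEN):
                findings.append((dn, "malformed {%s} value (%d bytes)" % (scheme, size)))
    return findings

# Constructed sample: Ava's entry as on the page, plus a hypothetical cn=Demo entry.
SAMPLE = """\
dn: cn=Ava,ou=People,ou=Enter,o=ACompany,dc=company,dc=com
userPassword: {SHA}abc123def456

dn: cn=Demo,ou=People,ou=Enter,o=ACompany,dc=company,dc=com
userPassword: %s
""" % make_ssha("constructed-demo-password")
```

The linter also accepts the base64-wrapped userPassword:: lines that ldapsearch prints, so the output of the verification query above can be checked the same way.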
