Unable to set ldap domain to anything other than example.org #338

Open
codefriar opened this issue Jul 24, 2019 · 1 comment
codefriar commented Jul 24, 2019

Greetings,

I'm attempting to launch this container via docker compose. Here's my compose file:

```yaml
---
version: '3'

# This networks section is required for the package to be visible to Traefik.
# DO NOT remove
networks:
  traefik_network:
    external:
      name: homelabos_traefik

services:
  openldap:
    networks:
      - traefik_network
    image: osixia/openldap:1.2.4
    command: --loglevel debug --copy-service
    volumes:
      - ldap_db:/var/lib/ldap
      - ldap_config:/etc/ldap/slapd.d
      - /var/homelabos/authelia/ldap/custom:/container/service/slapd/assets/config/bootstrap/ldif/custom
    environment:
      - LDAP_ORGANISATION=pinguinshow
      - LDAP_DOMAIN="pinguinshow.com"
      - LDAP_BASE_DN=dc=pinguinshow,dc=com
      - LDAP_ADMIN_PASSWORD='admin'
      - LDAP_CONFIG_PASSWORD='config'
volumes:
  ldap_db:
  ldap_config:
```

In my /var/homelabos/authelia/ldap/custom directory I have two .ldif files:

01-olcRootDN.ldif which reads

```ldif
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=pinguinshow,dc=com

replace: olcRootDN
olcRootDN: cn=admin,dc=pinguinshow,dc=com
```

and 02-createRootDN.ldif which reads

```ldif
dn: dc=pinguinshow,dc=com
changetype: add
objectClass: organizationalUnit
ou: pinguinshow
```

Now as I understand it, because I've mounted the directory these files are in, they should override the standard configs.

However, when I try to bring up the service, I get this:

```
openldap_1  | ldap_modify: Server is unwilling to perform (53)
openldap_1  | 	additional info: no global superior knowledge
openldap_1  | modifying entry "cn=admin,dc=pinguinshow,dc=com"
openldap_1  | 5d3893ba conn=1004 fd=12 ACCEPT from IP=127.0.0.1:58346 (IP=127.0.0.1:389)
openldap_1  | 5d3893ba conn=1004 op=0 BIND dn="cn=admin,dc=pinguinshow,dc=com" method=128
openldap_1  | 5d3893ba conn=1004 op=0 RESULT tag=97 err=49 text=
openldap_1  | 5d3893ba conn=1004 op=1 UNBIND
openldap_1  | 5d3893ba conn=1004 fd=12 closed
openldap_1  | ldap_bind: Invalid credentials (49)
openldap_1  | *** /container/run/startup/slapd failed with status 49
openldap_1  |
openldap_1  | *** Run commands before finish...
openldap_1  | *** Killing all processes...
openldap_1  | 5d3893ba daemon: shutdown requested and initiated.
openldap_1  | 5d3893ba slapd shutdown: waiting for 0 operations/tasks to finish
```

Full Logs, in debug mode, found here

However, if I revert my configuration back to example.org as the LDAP_DOMAIN, everything boots properly. Am I doing this wrong?
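
An added example, not part of the original issue or the image's own code: in the list form of `environment:`, each item is a single YAML string that is split at the first `=`, so quote characters typed after the `=` are passed to the container as part of the value. The check below runs over the entries from the compose file above; the function names are hypothetical, and the domain-to-DN mapping is the usual `dc=` convention, assumed here.

```python
# Constructed sample: the `environment:` list items from the compose file in
# the issue, as the YAML parser hands them over (one plain string per item).
ENV_ITEMS = [
    "LDAP_ORGANISATION=pinguinshow",
    'LDAP_DOMAIN="pinguinshow.com"',
    "LDAP_BASE_DN=dc=pinguinshow,dc=com",
    "LDAP_ADMIN_PASSWORD='admin'",
    "LDAP_CONFIG_PASSWORD='config'",
]

def is_quoted(value):
    """True when the value is wrapped in a matching pair of quote characters."""
    return len(value) >= 2 and value[0] == value[-1] and value[0] in "'\""

def parse_env(items):
    """Split KEY=value at the first '=' only; nothing here strips quotes."""
    return dict(item.split("=", 1) for item in items)

def quoted_values(env):
    """Keys whose value would reach the container with literal quotes."""
    return sorted(k for k, v in env.items() if is_quoted(v))

def domain_to_dn(domain):
    """Conventional mapping (assumption): example.org -> dc=example,dc=org."""
    return ",".join("dc=" + label for label in domain.split("."))

def lint(items):
    """Report quoted values and a base DN that disagrees with the domain."""
    env = parse_env(items)
    findings = [f"{k}: literal quotes in value {env[k]!r}" for k in quoted_values(env)]
    domain, base = env.get("LDAP_DOMAIN"), env.get("LDAP_BASE_DN")
    if domain and base and domain_to_dn(domain) != base:
        findings.append(
            f"LDAP_BASE_DN {base!r} != DN derived from LDAP_DOMAIN {domain_to_dn(domain)!r}")
    return findings

def unquote(items):
    """The same entries with wrapping quotes removed, for comparison."""
    cleaned = []
    for item in items:
        key, value = item.split("=", 1)
        cleaned.append(f"{key}={value[1:-1] if is_quoted(value) else value}")
    return cleaned

if __name__ == "__main__":
    for finding in lint(ENV_ITEMS):
        print(finding)
```

With the entries as posted, the check reports the three quoted values and a base DN mismatch caused by the quotes in `LDAP_DOMAIN`; the unquoted entries produce no findings.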

@obourdon
Contributor

@codefriar please have a look at #307, #172, #98 and #238. Seems related to your very own issue
