From 55a3a96d7e2142ba35b71de8c45a94b22c894d5d Mon Sep 17 00:00:00 2001 From: Nicole Roy <nicolesroy@icloud.com> Date: Wed, 14 Dec 2022 15:23:31 -0700 Subject: [PATCH] First commit --- Dockerfile | 9 +++++++++ README.MD | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 Dockerfile create mode 100644 README.MD diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..65a6e37 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,9 @@ +FROM ubuntu:latest + +ARG DEBIAN-FRONTEND=noninteractive + +RUN apt-get update && apt-get install -y apt-transport-https && apt-get -y install less vim apacheds + +EXPOSE 10389 10636 60464 60464/udp 60088 60088/udp + +CMD /usr/lib/jvm/default-java/bin/java -Djava.awt.headless=true -Xmx256m -Dapacheds.controls=org.apache.directory.api.ldap.codec.controls.cascade.CascadeFactory,org.apache.directory.api.ldap.codec.controls.manageDsaIT.ManageDsaITFactory,org.apache.directory.api.ldap.codec.controls.search.entryChange.EntryChangeFactory,org.apache.directory.api.ldap.codec.controls.search.pagedSearch.PagedResultsFactory,org.apache.directory.api.ldap.codec.controls.search.persistentSearch.PersistentSearchFactory,org.apache.directory.api.ldap.codec.controls.search.subentries.SubentriesFactory,org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyFactory,org.apache.directory.api.ldap.extras.controls.syncrepl_impl.SyncDoneValueFactory,org.apache.directory.api.ldap.extras.controls.syncrepl_impl.SyncInfoValueFactory,org.apache.directory.api.ldap.extras.controls.syncrepl_impl.SyncRequestValueFactory,org.apache.directory.api.ldap.extras.controls.syncrepl_impl.SyncStateValueFactory -Dapacheds.extendedOperations=org.apache.directory.api.ldap.extras.extended.ads_impl.cancel.CancelFactory,org.apache.directory.api.ldap.extras.extended.ads_impl.certGeneration.CertGenerationFactory,org.apache.directory.api.ldap.extras.extended.ads_impl.gracefulShutdown.GracefulShutdownFactory,org.apache.directory.api.ldap.extras.extended.ads_impl.storedProcedure.StoredProcedureFactory,org.apache.directory.api.ldap.extras.extended.ads_impl.gracefulDisconnect.GracefulDisconnectFactory -Dlog4j.configuration=file:/usr/share/apacheds/instances/default/conf/log4j.properties -Dapacheds.log.dir=/usr/share/apacheds/instances/default/log -cp '/usr/share/apacheds/lib/*' org.apache.directory.server.UberjarMain /usr/share/apacheds/instances/default/ diff --git a/README.MD b/README.MD new file mode 100644 index 0000000..44234ea --- /dev/null +++ b/README.MD @@ -0,0 +1,33 @@ +# Docker Apache Directory Server container + +Copyright © 2022 Internet2, All Rights Reserved +Licensed under a Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license + +This container supplies an installation of Apache Directory Server which can be used in connection with other services/containers to bootstrap demos of components which depend on an LDAP directory, Kerberos, or both. Since the Apache Directory Server wrapper currently fails to run on non-Intel architectures, this container can be used on non-Intel x86-64-based architectures to provide a local instance of Apache Directory Server as follows: + +Dependencies: + +-Runtime environment such as Docker Desktop or similar +-For non-x86-64 architecture-based systems, the ability for your Docker to use the virtualization framework, qemu, or similar to emulate x86-64 architecture + +Clone this repo, and then run: + +`docker buildx build --platform linux/amd64 - < Dockerfile -t apacheds` + +This will build the container and push it to the local Docker repo. Then, run the container as follows: + +`docker run --platform linux/amd64 -dt --name apacheds_container -p 10389:10389 -p 10636:10636 -p 60464:60464 -p 60464:60464/udp -p 60088:60088 -p 60088:60088/udp apacheds:latest` + +This will start the container with the necessary ports for: + +- LDAP binds +- LDAPS binds +- Remote password changes +- Kerberos KDC + +You may then use a client tool such as Apache Directory Studio, the Apache Directory Studio Eclipse plugin, ldapsearch, or client libraries in your programming framework of choice to bind against the directory. + +The superuser bind DN is: `uid=admin,ou=system` +The superuser bind password (plaintext) is: `secret` + +It is advisable to change these defaults if you plan to run this container anywhere other than a locked-down development environment.