From 1817d647a25ebab9a48b9c32d34997926e6b74b9 Mon Sep 17 00:00:00 2001
From: root <root@ip-172-31-23-251.us-west-2.compute.internal>
Date: Mon, 8 May 2023 16:51:00 +0000
Subject: [PATCH] fix phpldapadmin to AD

---
 Workbench/ad/Dockerfile                       |  4 +-
 Workbench/ad/container_files/certs/ca.pem     | 34 ++++++++++++
 Workbench/ad/container_files/certs/cert.pem   | 34 ++++++++++++
 Workbench/ad/container_files/certs/key.pem    | 52 +++++++++++++++++++
 Workbench/ad/{ => container_files}/start.sh   |  0
 Workbench/directory/Dockerfile                |  2 +
 .../etc/phpldapadmin/config.php               |  8 +--
 .../container_files/misc/ad-ca-cert.pem       | 34 ++++++++++++
 .../directory/container_files/misc/ldap.conf  | 21 ++++++++
 Workbench/docker-compose.yml                  |  3 ++
 10 files changed, 187 insertions(+), 5 deletions(-)
 create mode 100644 Workbench/ad/container_files/certs/ca.pem
 create mode 100644 Workbench/ad/container_files/certs/cert.pem
 create mode 100644 Workbench/ad/container_files/certs/key.pem
 rename Workbench/ad/{ => container_files}/start.sh (100%)
 create mode 100644 Workbench/directory/container_files/misc/ad-ca-cert.pem
 create mode 100644 Workbench/directory/container_files/misc/ldap.conf

diff --git a/Workbench/ad/Dockerfile b/Workbench/ad/Dockerfile
index b25f209..ff2dac6 100644
--- a/Workbench/ad/Dockerfile
+++ b/Workbench/ad/Dockerfile
@@ -8,7 +8,9 @@ RUN apt-get install -y pkg-config
 RUN apt-get install -y attr acl samba smbclient ldap-utils winbind libnss-winbind libpam-winbind krb5-user krb5-kdc supervisor
 RUN apt-get install -y openvpn inetutils-ping
 
-ADD start.sh /start.sh
+ADD container_files/certs/ /var/lib/samba/private/tls/
+
+ADD container_files/start.sh /start.sh
 RUN chmod 755 /start.sh
 CMD /start.sh setup
 
diff --git a/Workbench/ad/container_files/certs/ca.pem b/Workbench/ad/container_files/certs/ca.pem
new file mode 100644
index 0000000..9361418
--- /dev/null
+++ b/Workbench/ad/container_files/certs/ca.pem
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFqzCCA5OgAwIBAgIEDv1YZDANBgkqhkiG9w0BAQUFADB1MR0wGwYDVQQKExRT
+YW1iYSBBZG1pbmlzdHJhdGlvbjE3MDUGA1UECxMuU2FtYmEgLSB0ZW1wb3Jhcnkg
+YXV0b2dlbmVyYXRlZCBDQSBjZXJ0aWZpY2F0ZTEbMBkGA1UEAxMSREMxLmFkLmV4
+YW1wbGUuZWR1MB4XDTIzMDUwODEzNDU1MFoXDTI1MDQwNzEzNDU1MFowdTEdMBsG
+A1UEChMUU2FtYmEgQWRtaW5pc3RyYXRpb24xNzA1BgNVBAsTLlNhbWJhIC0gdGVt
+cG9yYXJ5IGF1dG9nZW5lcmF0ZWQgQ0EgY2VydGlmaWNhdGUxGzAZBgNVBAMTEkRD
+MS5hZC5leGFtcGxlLmVkdTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AOoD7lhOFmy/jaWTKffntRWyEGQb4LJmNgRWkzZGU+/UeMftpT8uXm6LskDyqnPO
+J4q8dnAigV/aDughEr4OzN024SgdZPPSbnGRhwuh9T0FhK153RIDqBsu0ar8Tp3Z
+7RDwZcTsVqaIgeFJ4Wm/tG1viB1/M/GzyxLGamusqfuFYvbXfCOku9oPfnN0NuHW
+exPmXQbP38WmF0360FDnDU91X0g/5txHe4Y5khSyUca/qf9/Tc3HX7MXuIr5XjM2
+l+kswygm98G0YMQfl9hxYE/suAdb5Pr1O/fET0AoDea8uUaNaVhFcfAM2ZyacBuv
+cBNhEmTkYsIoA60Xy05zvf1pow/MIMMBLyKiEt6zejk1bCukGF2XXRafbqY6CYMl
+iRGpcEMayBqoKgwsbwwo5+uLL4O7Ig9uSxPr3CWPfffX6LwgNEvG5tdmr+B4OiGm
+zXVUOOQ6IUWqvHxwwg5sPFndDXwaOIudKsEvvqeKEMtkqOVEn5Th4jtJw/2pj8Ud
+Tuc1Du880kHjnPXIYCh195U4styk5LW5xEyLHiM/4QXG0m+H+6f4epWr6Eg129tz
+ovsNcpIAuar38i49KlWvGYvdYGeUvRVI3GToBpY+OwaETfgYQPMW213cKXOCbfly
+yw9sWFE9zQ+VVFa9i/WzpEdFk0EgPaQ7E0fxV6iwH4LnAgMBAAGjQzBBMA8GA1Ud
+EwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU3rZVC4JD1G2B
+qYyhIvmm5OpsQtwwDQYJKoZIhvcNAQEFBQADggIBABFBiPBU6QY1ykjQoKtlnTbI
+KrVAf3TeF5e9gwB/tQmTP7WbzQtYMg5ox6i6V6ro6Hn5Gfv0kVmZdEaKReKp/jP/
+F1kx+jk0j/lVUK9sp6RX556YBS4PPwre2vbItjwz4TU8b1YBQwZf+EiUzp6G/dP0
+V+9kCNeURs6pxt8F1TYMNy1nREoqAFnGyDQNh1Mb+sZeHaJKc07Ah+mpy25Rj3Tc
+DJsaFSSBoBkrsKa6fId2uqBDIfHx2gHwMxvK2tGRVQimGMSFNnOCEc6KpiRl/X3S
+BzqZzh7djd8wVcoD1jOpYEQIbpox0FHXnkAD/7l3iwJzayk3HcUjqxKQwl5N1XzF
+2relunwQZF0F8jheT9PLrgFWkIu6I7Hx2+dLERBKGH5Q7YgIn0XRijRHvnMsQN4m
+dfa0rVFrQLSk/E+bXuI9+dCMcZjJUGvVKtM6gVW3syrENRdW0xHzHCFEG+JnXlhi
+DOzW1RRkMwk4349Ici1zUrh6S3L9c4LmY4JqpQB2tGXaegU8vEEoFd6I2E2ETECF
+vlDFmdxtEEeLFZoujEmrzKA6nIKyFv2ffRaftH+fjaz5zemoYukqpSWIQ2mekla1
+Z4jmZPCYWZJ5Y0yYoAqXZhT0DPmF2ht8W6fN6clcwpYUxGWP0Rie0ov/HTpEwvBX
+Nf6BqT3tLEVv3GAbhQtt
+-----END CERTIFICATE-----
+
diff --git a/Workbench/ad/container_files/certs/cert.pem b/Workbench/ad/container_files/certs/cert.pem
new file mode 100644
index 0000000..b2a8df2
--- /dev/null
+++ b/Workbench/ad/container_files/certs/cert.pem
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFrjCCA5agAwIBAgIEDv1YZDANBgkqhkiG9w0BAQUFADB1MR0wGwYDVQQKExRT
+YW1iYSBBZG1pbmlzdHJhdGlvbjE3MDUGA1UECxMuU2FtYmEgLSB0ZW1wb3Jhcnkg
+YXV0b2dlbmVyYXRlZCBDQSBjZXJ0aWZpY2F0ZTEbMBkGA1UEAxMSREMxLmFkLmV4
+YW1wbGUuZWR1MB4XDTIzMDUwODEzNDU1MFoXDTI1MDQwNzEzNDU1MFowdzEdMBsG
+A1UEChMUU2FtYmEgQWRtaW5pc3RyYXRpb24xOTA3BgNVBAsTMFNhbWJhIC0gdGVt
+cG9yYXJ5IGF1dG9nZW5lcmF0ZWQgSE9TVCBjZXJ0aWZpY2F0ZTEbMBkGA1UEAxMS
+REMxLmFkLmV4YW1wbGUuZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEAq+xZkrKIr1eVSfLYRYk5bGXE3D7GQl2Sd5FYFmNVrouYu02ySVyJnZbJ4LIW
+K7GfskEFysaDY95ZFeXdT4vD4iHUYm9+5R6kUTAHZe4mF6wcl/DdKfU8GwInloaZ
+xADyD7wtE4FZIUr/sY5Y1GcTUaKg5HSkOMAB0wBErc++xETkO0J+FD2FKCnL8ilq
+vZuNBg8923UEf2v1zLS5Nqz0cadw5e0aeIb6Couv1proQlgjKNakRbnHSNpkh0eB
+EaJE1/nVVKgUO+vf3QZRno5ZRO5SmflmG4IRHxh/LgtI8L/HvBgZXmXU4f+SapPx
+xLH/jBs3e4M2Wi6O+ksE9EE+4u4bTURAh7ejL5zUUy2hCoUcTinVdfh3aKx9SWwB
+OsnGDkCKvFmt/niYs+Saha2AM4SvTb3O7AaDj+4sg7Jaw32ZM3DOTq3E3PJw8YVa
+NxjqJYUrgq13qT4xT5gqj9yuAa/Fpq0Af37dKtZj5IifINxxvZ5fUHAjyYIPY1DG
+w0y1Xg1uM+MkXJ0UEdDlHLH2I4v/jbmlnzjAPuhOqIikOjh02PoXFqi0vayK9FMT
+e00jU2xqpjggCd+BMOvgCnOJ5i7nAjoKiSX2r6fQZP1Lf+DKrsN3eyd3y5ODRHxW
+wbZRTEbtRprWUe82+a6uLNt4XjHkoYiYrbt4XrSMw9Zi8QUCAwEAAaNEMEIwDAYD
+VR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUGrhM1Htf
+7d8CDr6nKf/nIFCzjK0wDQYJKoZIhvcNAQEFBQADggIBAD+Sn2XLj03dGn5ivasv
+NqmaE7lE3JAuaadHhVOygP78Eqa8NXxsovPIFiObjrR5JQ4JrFTwH8l1k8z2KAf/
+TxB95MGmDCQwsDdQYR6JjGn4zUJSonxDhHoxGcYyTh5wOaLGaNImabEegovdYquU
+891EpMSY9WdiQnr9LHY7sJapRZmvQfOL8cz/+53SBt/IopkzG7aTt2S6iXQjIMqs
+d7lqJ2I7iw0rJi38GqoU29SkAz05w4/0ITLWfjScJ3WubM2AvvdmP0OR52EHG8ZD
+MZO80kKbmAep1hX2hNL79X999sF7JI3d773vbM5tWTk7AR1opMpPkVjR1LdrUbh/
+YQJwpx7jgRnSLJVmIyPv5OsWyaPoFIl07x0HSQ8NEvT1KqFGIrc4+4L/NsGoIlig
+qQhanGHL5RVU5kwV2j4ffzV1pu7MaAnkcFct8b6KVZzfnfvjOW2aYiH3BUwNjj+s
+8Yd2neQ2zs7fmgRDfin75SdV8dibuujq/Ybe4AFwE6oYu5T4nMidZ2F1ym0tADky
+5a2XG6eSdznqqksOYL/wBI8ILQZPQ9iGg1z5LdKrlDykDoeMQ/7LiEncxkEbhlU8
+OKqVd8pOEFKAG9vOpouihUCC7T15ePnTQ9g3SmgdfR2WJg0tQupBpSjoiPEF7Mxs
+r2e3yfFxb5GamwUyAZCDsHgP
+-----END CERTIFICATE-----
+
diff --git a/Workbench/ad/container_files/certs/key.pem b/Workbench/ad/container_files/certs/key.pem
new file mode 100644
index 0000000..a7763a1
--- /dev/null
+++ b/Workbench/ad/container_files/certs/key.pem
@@ -0,0 +1,52 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKgIBAAKCAgEAq+xZkrKIr1eVSfLYRYk5bGXE3D7GQl2Sd5FYFmNVrouYu02y
+SVyJnZbJ4LIWK7GfskEFysaDY95ZFeXdT4vD4iHUYm9+5R6kUTAHZe4mF6wcl/Dd
+KfU8GwInloaZxADyD7wtE4FZIUr/sY5Y1GcTUaKg5HSkOMAB0wBErc++xETkO0J+
+FD2FKCnL8ilqvZuNBg8923UEf2v1zLS5Nqz0cadw5e0aeIb6Couv1proQlgjKNak
+RbnHSNpkh0eBEaJE1/nVVKgUO+vf3QZRno5ZRO5SmflmG4IRHxh/LgtI8L/HvBgZ
+XmXU4f+SapPxxLH/jBs3e4M2Wi6O+ksE9EE+4u4bTURAh7ejL5zUUy2hCoUcTinV
+dfh3aKx9SWwBOsnGDkCKvFmt/niYs+Saha2AM4SvTb3O7AaDj+4sg7Jaw32ZM3DO
+Tq3E3PJw8YVaNxjqJYUrgq13qT4xT5gqj9yuAa/Fpq0Af37dKtZj5IifINxxvZ5f
+UHAjyYIPY1DGw0y1Xg1uM+MkXJ0UEdDlHLH2I4v/jbmlnzjAPuhOqIikOjh02PoX
+Fqi0vayK9FMTe00jU2xqpjggCd+BMOvgCnOJ5i7nAjoKiSX2r6fQZP1Lf+DKrsN3
+eyd3y5ODRHxWwbZRTEbtRprWUe82+a6uLNt4XjHkoYiYrbt4XrSMw9Zi8QUCAwEA
+AQKCAgEAg3uBUZDaugaodOKVhjCZSw5VzP7xT0YSwwDUNmMH3zKBvxV/uV1dHbl5
+cS+hhw8UDBZwYJELYTBmPzoJ1FEWoPWwYQvWJ1IU5sZtkgXc+hO11nnuGq2jpyAx
+uIv+QwlaFrCaZKVyzeR2wosT4nVmL/PJSo7uHTyy6HT3EVqlEaOCTNPgaohWMs4s
+XGpSaOnyo2S6sQDATNb7J/A7CdaiJ92fmSiJKw5HYhNMijr0T/DqCsyE25JmF5B2
+e4My8ZKBRg+amGDnAKC3F2lCuJkzKmV9pKY48ea6Q2bPtR4KTZzOG0ru8+O7OI/l
+oT6+EujygGs8Nmi2A6hBzqfbBRZ1CYTx+czgF63+UcpumBY+tkg7VtvwOKxUXuIc
+6f1WRVXha18y+AZVN7WOBRopQaFRwS48RuzUeKXl5PfHJCq4h+4zA7RbOkSdb3PB
+AyCvUTEJSd1CSUmbaB2liG4vJ2dwb16oXNGQQrcMHNC4yoBcIrTFckRUKi4fBCLA
+tDNxCrwCM0fbTVm2oH1LD3c5PdamGOu7WToj+VNbd4wo11wwSJ6yz8ASj1F9PA1r
++/WK3epgJHlQ25HwsqoRPSVIireQ3k9k+6b8V7c5Dhd4fButC0WnlkYyj1DCVgQT
+FtPtCEQwsioRvpasqWxLEsQgP9IxXM6MYaIW+ZYsV5xBAtLLFsECggEBAN/S32OG
+Hb3TK0UpKx+DGOOZ8LqMWqbVdeCc1WxOtXfOS7Xs6J2pga4miva5mzMwuCw73+tq
+spBHhnxM46axiGuMDn/Q7pgwNvcEgKzrsqjZ9z05hFpusb06jkvk5wsdsC7sBk+3
+MbTFFoXsXGA3Tg5j7BFJhhLgOa5PJ0GW2m248Njvj9dHZPncZlZipffobg3LUPzU
+/L9NCPO0PmSzp6a0MdiXrOt3mN0Q2tDaNriTuqhoWh3TMIL/tL49DHLh+9Fzdnxd
+TeQL5eX4KwyxePJKKbjyK5tGPLtRQPhGfsZSjZnAlnBsR3SbcgRTEaUWbDI8CtbD
+EyYmydBXmFZZXXECggEBAMSjcYu/cTFGw/zKnzo3pI/f3r0AxOpMu0Iw8FPj7bwh
+oD7g8ggLIyxe+OQUjiOQwo+2lVq7mTFEtdmJohwYCFUlRKceSSgrO0B96Nc797hw
+7NLnKEi+pFC79zsfbk1uD/oYu+ZqdMT051uT+vOF3cLh/qxTi1rh+/JkeJLqwvOg
+WDZdwGyfVRj59JkbGvK6blwZVeUx6EN1T3xBR05e51SpuO0saCPo5+S1j5L+M2g9
+3CX+AzZv0rZgDfKYDoZ1L+I/nHQKNRWmgKIwjL58F2pg2knoS06BWxTjj5ZzpRrs
+zMUHF7IFUVpPNMhjg4S1EnfoIHNNti3ZNgJF8Bq6UtUCggEBAL7xIXvA/XxkOsS8
+kzpF16TLPe+XLvqmnfIpOXU1TGBRkIs5+VQPOD8+SEylGL658FRkG+m003J8YkGG
+QquBRrUg/XmS3wjcEPf4UmGyjW64y8/iUoPnbR/WZXBfba8w+4178wJscS4a+NT1
+R/UZGTDzk39H7uYJfYuzoPS2Yc8699TJwjdQg9cYbAGEFLyB/+kqqwOWG6yDZoCp
+IpU8Imj3zpJNCsqx86mb6GBF2GrsNE/Y/g/1i6wlwqaMZCNZoD8Vtl3wJzPF5rGi
+Xe9tM5XXKPLLPeIwMD1I2xky4pID+SLShkSQSwEyXzlLOIFSuKi+SizerGZerspa
+/+2iPTECggEBAKqnooqDCkyWus7wVsIiuln3E4r6WOtyzm2CpYBY5uEIWddYSBU8
+/Tir79uaD0XEg2ZQMky9VRVSKXRzI1K4dLrYjj1vZlRLOLAe1e296J6UuqPK48ZG
+VbqPduBDxenDJHCL+L7fExo/5W4v/nJMcoqIsgqCswWb7JmQIqh2v9zKAuSj9rUO
+jr8PZv1dbcTMkayyfD5eUtIAxIv051qXuLJcXdbQXE0V+/Mcs08B+EF2tlHuooEj
+CT8oG9K3rpt4pqb3R+PZW/q/NxILiopijbvP9IKB7KFkWFTHrb0H/nlgm9I+9oyU
+WudCqG9lFiYdM7sGpOsMvZgK0/mjEt9PZ0UCggEAWjdUjKGDlIR6O8XaxM4SRr0w
+aySJ3YrB4QPoFf0/ZSSAarUr04F5G7E7m12bViWWOdBSp8sRFURn5sfgl4I4sMaz
+BUyyZNQFFKargEVrLsW7Sg85UDbXICgCzaFiOQhQZTYYKjddYit5nn5h9zHPtB5b
+ww/trMQr7RYVJOhinlcvl9FYbUAcT1VkEni9XTKX1L9KPWo3RdMGzSL5uLMQvOex
+WfBwhNGWU5GC6D29Q6jqKprzZhmMsNKFwBOrxfCl2/6afEZAN2I8cHp2Q8Yq4Jfm
+0JsRQx5HrtkSMIpfa3XtyWcHmPmDtrN23/HbyO2Cw69BbtPdmYO6A9gRLsK5VA==
+-----END RSA PRIVATE KEY-----
+
diff --git a/Workbench/ad/start.sh b/Workbench/ad/container_files/start.sh
similarity index 100%
rename from Workbench/ad/start.sh
rename to Workbench/ad/container_files/start.sh
diff --git a/Workbench/directory/Dockerfile b/Workbench/directory/Dockerfile
index 85b4164..229abc6 100644
--- a/Workbench/directory/Dockerfile
+++ b/Workbench/directory/Dockerfile
@@ -11,6 +11,8 @@ RUN yum install -y epel-release \
 COPY container_files/seed-data/ /seed-data/
 COPY container_files/httpd/* /etc/httpd/conf.d/
 COPY container_files/etc/ /etc/
+COPY container_files/misc/ldap.conf /etc/openldap/
+COPY container_files/misc/ad-ca-cert.pem /
 
 RUN useradd ldapadmin \
     && rm -fr /var/lock /usr/lib/systemd/system \
diff --git a/Workbench/directory/container_files/etc/phpldapadmin/config.php b/Workbench/directory/container_files/etc/phpldapadmin/config.php
index 9a40d31..64a8146 100644
--- a/Workbench/directory/container_files/etc/phpldapadmin/config.php
+++ b/Workbench/directory/container_files/etc/phpldapadmin/config.php
@@ -288,7 +288,7 @@
 
 /* A convenient name that will appear in the tree viewer and throughout
    phpLDAPadmin to identify this LDAP server to users. */
-$servers->setValue('server','name','Example LDAP Server');
+$servers->setValue('server','name','LDAP Server');
 
 /* Examples:
    'ldap.example.com',
@@ -535,11 +535,11 @@
 
 $servers->newServer('ldap_pla');
 $servers->setValue('server','name','AD Server');
-$servers->setValue('server','host','ldaps://ad/');
-$servers->setValue('server','port',636);
+$servers->setValue('server','host','ldaps://dc1.ad.example.edu');
+$servers->setValue('server','port',0);
 $servers->setValue('server','base',array('dc=ad,dc=example,dc=edu'));
 $servers->setValue('login','auth_type','cookie');
-$servers->setValue('login','bind_id','AD\Administrator');
+$servers->setValue('login','bind_id','CN=Administrator,CN=Users,DC=ad,DC=example,DC=edu');
 $servers->setValue('login','bind_pass','Supersecret1!');
 $servers->setValue('server','tls',false);
 
diff --git a/Workbench/directory/container_files/misc/ad-ca-cert.pem b/Workbench/directory/container_files/misc/ad-ca-cert.pem
new file mode 100644
index 0000000..9361418
--- /dev/null
+++ b/Workbench/directory/container_files/misc/ad-ca-cert.pem
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFqzCCA5OgAwIBAgIEDv1YZDANBgkqhkiG9w0BAQUFADB1MR0wGwYDVQQKExRT
+YW1iYSBBZG1pbmlzdHJhdGlvbjE3MDUGA1UECxMuU2FtYmEgLSB0ZW1wb3Jhcnkg
+YXV0b2dlbmVyYXRlZCBDQSBjZXJ0aWZpY2F0ZTEbMBkGA1UEAxMSREMxLmFkLmV4
+YW1wbGUuZWR1MB4XDTIzMDUwODEzNDU1MFoXDTI1MDQwNzEzNDU1MFowdTEdMBsG
+A1UEChMUU2FtYmEgQWRtaW5pc3RyYXRpb24xNzA1BgNVBAsTLlNhbWJhIC0gdGVt
+cG9yYXJ5IGF1dG9nZW5lcmF0ZWQgQ0EgY2VydGlmaWNhdGUxGzAZBgNVBAMTEkRD
+MS5hZC5leGFtcGxlLmVkdTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AOoD7lhOFmy/jaWTKffntRWyEGQb4LJmNgRWkzZGU+/UeMftpT8uXm6LskDyqnPO
+J4q8dnAigV/aDughEr4OzN024SgdZPPSbnGRhwuh9T0FhK153RIDqBsu0ar8Tp3Z
+7RDwZcTsVqaIgeFJ4Wm/tG1viB1/M/GzyxLGamusqfuFYvbXfCOku9oPfnN0NuHW
+exPmXQbP38WmF0360FDnDU91X0g/5txHe4Y5khSyUca/qf9/Tc3HX7MXuIr5XjM2
+l+kswygm98G0YMQfl9hxYE/suAdb5Pr1O/fET0AoDea8uUaNaVhFcfAM2ZyacBuv
+cBNhEmTkYsIoA60Xy05zvf1pow/MIMMBLyKiEt6zejk1bCukGF2XXRafbqY6CYMl
+iRGpcEMayBqoKgwsbwwo5+uLL4O7Ig9uSxPr3CWPfffX6LwgNEvG5tdmr+B4OiGm
+zXVUOOQ6IUWqvHxwwg5sPFndDXwaOIudKsEvvqeKEMtkqOVEn5Th4jtJw/2pj8Ud
+Tuc1Du880kHjnPXIYCh195U4styk5LW5xEyLHiM/4QXG0m+H+6f4epWr6Eg129tz
+ovsNcpIAuar38i49KlWvGYvdYGeUvRVI3GToBpY+OwaETfgYQPMW213cKXOCbfly
+yw9sWFE9zQ+VVFa9i/WzpEdFk0EgPaQ7E0fxV6iwH4LnAgMBAAGjQzBBMA8GA1Ud
+EwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQU3rZVC4JD1G2B
+qYyhIvmm5OpsQtwwDQYJKoZIhvcNAQEFBQADggIBABFBiPBU6QY1ykjQoKtlnTbI
+KrVAf3TeF5e9gwB/tQmTP7WbzQtYMg5ox6i6V6ro6Hn5Gfv0kVmZdEaKReKp/jP/
+F1kx+jk0j/lVUK9sp6RX556YBS4PPwre2vbItjwz4TU8b1YBQwZf+EiUzp6G/dP0
+V+9kCNeURs6pxt8F1TYMNy1nREoqAFnGyDQNh1Mb+sZeHaJKc07Ah+mpy25Rj3Tc
+DJsaFSSBoBkrsKa6fId2uqBDIfHx2gHwMxvK2tGRVQimGMSFNnOCEc6KpiRl/X3S
+BzqZzh7djd8wVcoD1jOpYEQIbpox0FHXnkAD/7l3iwJzayk3HcUjqxKQwl5N1XzF
+2relunwQZF0F8jheT9PLrgFWkIu6I7Hx2+dLERBKGH5Q7YgIn0XRijRHvnMsQN4m
+dfa0rVFrQLSk/E+bXuI9+dCMcZjJUGvVKtM6gVW3syrENRdW0xHzHCFEG+JnXlhi
+DOzW1RRkMwk4349Ici1zUrh6S3L9c4LmY4JqpQB2tGXaegU8vEEoFd6I2E2ETECF
+vlDFmdxtEEeLFZoujEmrzKA6nIKyFv2ffRaftH+fjaz5zemoYukqpSWIQ2mekla1
+Z4jmZPCYWZJ5Y0yYoAqXZhT0DPmF2ht8W6fN6clcwpYUxGWP0Rie0ov/HTpEwvBX
+Nf6BqT3tLEVv3GAbhQtt
+-----END CERTIFICATE-----
+
diff --git a/Workbench/directory/container_files/misc/ldap.conf b/Workbench/directory/container_files/misc/ldap.conf
new file mode 100644
index 0000000..f879f48
--- /dev/null
+++ b/Workbench/directory/container_files/misc/ldap.conf
@@ -0,0 +1,21 @@
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE   dc=example,dc=com
+#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT      12
+#TIMELIMIT      15
+#DEREF          never
+
+#TLS_CACERTDIR  /etc/openldap/certs
+LDAPTLS_REQCERT never
+TLS_CACERT      /ad-ca-cert.pem
+
+# Turning this off breaks GSSAPI used with krb5 when rdns = false
+SASL_NOCANON    on
+
diff --git a/Workbench/docker-compose.yml b/Workbench/docker-compose.yml
index 717a635..2785e7b 100644
--- a/Workbench/docker-compose.yml
+++ b/Workbench/docker-compose.yml
@@ -569,8 +569,11 @@ services:
     environment:
      - DOMAIN=ad.example.edu
      - DOMAINPASS=Supersecret1!
+    hostname: dc1
     networks:
       net:
+        aliases:
+          - dc1.ad.example.edu
     volumes:
      - ad_samba_data:/var/lib/samba
      - ad_samba_cfg:/etc/samba/external