diff --git a/Workbench/directory/Dockerfile b/Workbench/directory/Dockerfile
index 01b7684..aa4835f 100644
--- a/Workbench/directory/Dockerfile
+++ b/Workbench/directory/Dockerfile
@@ -38,7 +38,10 @@ RUN useradd ldapadmin \
 && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
 ldapadd -H ldap:/// -f /seed-data/data.ldif -x -D "cn=Directory Manager" -w password \
 && ldapmodify -H ldap:/// -f /seed-data/incwbperson-obj.ldif -x -D "cn=Directory Manager" -w password \
- && ldapmodify -H ldap:/// -f /seed-data/edumember-obj.ldif -x -D "cn=Directory Manager" -w password
+ && ldapmodify -H ldap:/// -f /seed-data/edumember-obj.ldif -x -D "cn=Directory Manager" -w password \
+ && ldapmodify -H ldap:/// -f /seed-data/ldappublickey-obj.ldif -x -D "cn=Directory Manager" -w password \
+ && ldapmodify -H ldap:/// -f /seed-data/voperson-obj.ldif -x -D "cn=Directory Manager" -w password \
+ && ldapmodify -H ldap:/// -f /seed-data/voposixaccount-obj.ldif -x -D "cn=Directory Manager" -w password
 EXPOSE 389 443
diff --git a/Workbench/directory/container_files/seed-data/ldappublickey-obj.ldif b/Workbench/directory/container_files/seed-data/ldappublickey-obj.ldif
new file mode 100644
index 0000000..2e3c112
--- /dev/null
+++ b/Workbench/directory/container_files/seed-data/ldappublickey-obj.ldif
@@ -0,0 +1,29 @@
+#
+# ldapPublicKey Objectclass
+#
+#
+# ldapPublicKey attribute
+#
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13
+ NAME 'sshPublicKey'
+ DESC 'MANDATORY: OpenSSH Public key'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+-
+#
+add: objectclasses
+objectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0
+ NAME 'ldapPublicKey'
+ DESC 'MANDATORY: OpenSSH LPK objectclass'
+ SUP top
+ AUXILIARY
+ MUST ( sshPublicKey $ uid )
+ )
+#
+# end of LDIF
+#
+
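Review bot: The added `ldapmodify` lines in the Dockerfile hunk each repeat the Directory Manager simple bind with the literal `-w password`, so the directory's superuser credential is written three more times into the Dockerfile and into the image history. If this image is ever used outside a throwaway workbench, the password should come from a file or build secret instead, e.g. `ldapmodify -H ldap:/// -f /seed-data/voperson-obj.ldif -x -D "cn=Directory Manager" -y <password-file>`, and the Directory Manager password should be changed after seeding. Looping over the schema files would also keep the bind arguments in one place. The RUN instruction starts above the hunk, so how the password is set initially is not visible here.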
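Review bot: Nothing in ldappublickey-obj.ldif or the rest of this commit restricts who may write `sshPublicKey`, and on hosts that take authorized keys from the directory, write access to that attribute is equivalent to granting SSH login. The same gap applies to `voPersonApplicationPassword` and `voPersonToken` in voperson-obj.ldif, which should not be readable by ordinary binds. If the seed data does not already carry ACIs for these attributes (not visible in this diff), add them alongside the schema, and record the requirement in the file header, e.g. `# sshPublicKey: restrict write access; a writable key grants login`.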
diff --git a/Workbench/directory/container_files/seed-data/voperson-obj.ldif b/Workbench/directory/container_files/seed-data/voperson-obj.ldif
new file mode 100644
index 0000000..4d7e85a
--- /dev/null
+++ b/Workbench/directory/container_files/seed-data/voperson-obj.ldif
@@ -0,0 +1,113 @@
+#
+# voPerson Objectclass
+#
+#
+# "voPerson" attributes
+#
+objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
+objectIdentifier: voPersonObjectClass voPersonRoot:1
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( voPersonObjectClass:10
+ NAME 'voPersonAffiliation'
+ DESC 'voPerson Affiliation Within Local Scope'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:13
+ NAME 'voPersonApplicationPassword'
+ DESC 'voPerson Application-Specific Password'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
+attributeTypes: ( voPersonObjectClass:1
+ NAME 'voPersonApplicationUID'
+ DESC 'voPerson Application-Specific User Identifier'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:2
+ NAME 'voPersonAuthorName'
+ DESC 'voPerson Author Name'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:3
+ NAME 'voPersonCertificateDN'
+ DESC 'voPerson Certificate Distinguished Name'
+ EQUALITY distinguishedNameMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+attributeTypes: ( voPersonObjectClass:4
+ NAME 'voPersonCertificateIssuerDN'
+ DESC 'voPerson Certificate Issuer DN'
+ EQUALITY distinguishedNameMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+attributeTypes: ( voPersonObjectClass:11
+ NAME 'voPersonExternalAffiliation'
+ DESC 'voPerson Scoped External Affiliation'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:5
+ NAME 'voPersonExternalID'
+ DESC 'voPerson Scoped External Identifier'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:6
+ NAME 'voPersonID'
+ DESC 'voPerson Unique Identifier'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:7
+ NAME 'voPersonPolicyAgreement'
+ DESC 'voPerson Policy Agreement Indicator'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:12
+ NAME 'voPersonScopedAffiliation'
+ DESC 'voPerson Affiliation With Explicit Local Scope'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:8
+ NAME 'voPersonSoRID'
+ DESC 'voPerson External Identifier'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:9
+ NAME 'voPersonStatus'
+ DESC 'voPerson Status'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:15
+ NAME 'voPersonToken'
+ DESC 'voPerson Token'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPersonObjectClass:14
+ NAME 'voPersonVerifiedEmail'
+ DESC 'voPerson Verified Email Address'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+-
+#
+add: objectclasses
+objectClasses: ( voPersonObjectClass
+ NAME 'voPerson'
+ AUXILIARY
+ MAY ( voPersonAffiliation $
+ voPersonApplicationPassword $
+ voPersonApplicationUID $
+ voPersonAuthorName $
+ voPersonCertificateDN $
+ voPersonCertificateIssuerDN $
+ voPersonExternalAffiliation $
+ voPersonExternalID $
+ voPersonID $
+ voPersonPolicyAgreement $
+ voPersonScopedAffiliation $
+ voPersonSoRID $
+ voPersonStatus $
+ voPersonToken $
+ voPersonVerifiedEmail )
+ )
+#
+# end of LDIF
+#
+
diff --git a/Workbench/directory/container_files/seed-data/voposixaccount-obj.ldif b/Workbench/directory/container_files/seed-data/voposixaccount-obj.ldif
new file mode 100644
index 0000000..527b669
--- /dev/null
+++ b/Workbench/directory/container_files/seed-data/voposixaccount-obj.ldif
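Review bot: In voperson-obj.ldif the `objectIdentifier:` lines sit before `dn: cn=schema`, outside any LDIF change record, and every attribute OID is written as a macro such as `voPersonObjectClass:10`; those are OpenLDAP configuration-file conventions, and a `cn=schema` modify sent through `ldapmodify` presumably does not expand them. Depending on the client and server, the build either fails at this step or the schema is stored with non-numeric OIDs, so it is worth confirming against the running image. Writing the OIDs out avoids the question: `attributeTypes: ( 1.3.6.1.4.1.25178.4.1.10` for voPersonAffiliation and `objectClasses: ( 1.3.6.1.4.1.25178.4.1` for voPerson. voposixaccount-obj.ldif uses the same construct and also redeclares `voPersonRoot`.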
@@ -0,0 +1,63 @@
+#
+# voPosixAccount Objectclass
+#
+#
+# "voPosixAccount" attributes
+#
+objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
+objectIdentifier: voPosixAccountObjectClass voPersonRoot:2
+objectIdentifier: voPosixGroupObjectClass voPersonRoot:3
+dn: cn=schema
+changetype: modify
+#
+add: attributetypes
+attributeTypes: ( voPosixAccountObjectClass:1
+ NAME 'voPosixAccountGecos'
+ DESC 'voPerson domain specific GECOS field'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPosixAccountObjectClass:2
+ NAME 'voPosixAccountGidNumber'
+ DESC 'voPerson domain specific primary group identifier'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+attributeTypes: ( voPosixAccountObjectClass:3
+ NAME 'voPosixAccountHomeDirectory'
+ DESC 'voPerson domain specific absolute path to the home directory'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPosixAccountObjectClass:4
+ NAME 'voPosixAccountLoginShell'
+ DESC 'voPerson domain specific path to the login shell'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+attributeTypes: ( voPosixAccountObjectClass:5
+ NAME 'voPosixAccountUidNumber'
+ DESC 'voPerson domain specific unique user identifier'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+-
+#
+add: objectclasses
+objectClasses: ( voPosixAccountObjectClass
+ NAME 'voPosixAccount'
+ AUXILIARY
+ MUST ( cn $
+ uid $
+ voPosixAccountUidNumber $
+ voPosixAccountGidNumber $
+ voPosixAccountHomeDirectory )
+ MAY ( voPosixAccountLoginShell $
+ voPosixAccountGecos )
+ )
+objectClasses: ( voPosixGroupObjectClass
+ NAME 'voPosixGroup'
+ AUXILIARY
+ MUST ( cn $ voPosixAccountGidNumber )
+ MAY ( memberUid )
+ )
+#
+# end of LDIF
+#
+