From c9439a7902048e8c0f86ef20e5864a65036eb273 Mon Sep 17 00:00:00 2001
From: Brian Long
Date: Wed, 13 Jan 2021 16:30:14 -0500
Subject: [PATCH] added openldap server config and initial users/groups
---
 docker-compose.yml | 12 +++++++
 openldap-example.ldif | 80 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 92 insertions(+)
 create mode 100644 openldap-example.ldif
diff --git a/docker-compose.yml b/docker-compose.yml
index f70207f..d8f4556 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,3 +3,15 @@
 # Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
 version: "2"
+services:
+
+ directory:
+ image: osixia/openldap:1.4.0
+ environment:
+ LDAP_ORGANISATION: "Example Organization"
+ LDAP_DOMAIN: example.org
+ LDAP_ADMIN_PASSWORD: admin
+ command: "--copy-service --loglevel=debug"
+ volumes:
+ - ./openldap-example.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif:ro
+
diff --git a/openldap-example.ldif b/openldap-example.ldif
new file mode 100644
index 0000000..42c2dd3
--- /dev/null
+++ b/openldap-example.ldif
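Review bot: In the `directory` service of docker-compose.yml, `LDAP_ADMIN_PASSWORD: admin` commits a guessable directory-administrator password, so every environment started from this file shares one known bind credential. Reading it from the environment instead, `LDAP_ADMIN_PASSWORD: "${LDAP_ADMIN_PASSWORD}"` with the value kept in an untracked `.env` file, keeps the secret out of version control. The service publishes no `ports:`, which limits reach to the compose network, but any other container later added to this file could still bind as admin with that value. `--loglevel=debug` in `command` is best limited to local troubleshooting; a comment such as `# debug logging: local use only` would record that intent.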
@@ -0,0 +1,80 @@
+version: 1
+
+dn: uid=admin.1,dc=example,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: uidObject
+objectClass: simpleSecurityObject
+objectClass: mailAccount
+cn: #1
+sn: Administrator
+uid: admin.1
+userPassword: {SSHA}m2qOFBapko4Bky4vbQYCVyW4+KWeuswg/BqObw==
+mail: admin.1@example.org
+
+dn: uid=manager.1,dc=example,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: uidObject
+objectClass: simpleSecurityObject
+objectClass: mailAccount
+cn: #1
+sn: Manager
+uid: manager.1
+userPassword: {SSHA}m2qOFBapko4Bky4vbQYCVyW4+KWeuswg/BqObw==
+mail: manager.1@example.org
+
+dn: uid=user.1,dc=example,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: uidObject
+objectClass: simpleSecurityObject
+objectClass: mailAccount
+cn: #1
+sn: User
+uid: user.1
+userPassword: {SSHA}m2qOFBapko4Bky4vbQYCVyW4+KWeuswg/BqObw==
+mail: user.1@example.org
+
+dn: uid=user.2,dc=example,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: uidObject
+objectClass: simpleSecurityObject
+objectClass: mailAccount
+cn: #2
+sn: User
+uid: user.2
+userPassword: {SSHA}m2qOFBapko4Bky4vbQYCVyW4+KWeuswg/BqObw==
+mail: user.2@example.org
+
+dn: cn=power-users,dc=example,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: power-users
+member: uid=manager.1,dc=example,dc=org
+
+dn: cn=admins,dc=example,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: admins
+member: uid=admin.1,dc=example,dc=org
+
+dn: cn=acs-users,dc=example,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: acs-users
+member: cn=power-users,dc=example,dc=org
+member: uid=user.1,dc=example,dc=org
+
+dn: cn=aps-users,dc=example,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: aps-users
+member: cn=power-users,dc=example,dc=org
+member: uid=user.2,dc=example,dc=org
+
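Review bot: All four `userPassword` values in openldap-example.ldif are the same `{SSHA}` string, so `admin.1`, `manager.1`, `user.1` and `user.2` share one salt and one password, and `admin.1` is the only member of `cn=admins`. Salted SHA-1 is cheap to guess offline and the hash is now in version control, so this file should be treated as a local-only fixture. A comment line near the top would make that explicit, e.g. `# Example accounts for local testing only; all entries share one test password. Do not load into a shared directory.` If these accounts are ever used beyond a throwaway container, generate a distinct hash per entry (for example with `slappasswd`) and keep the real LDIF out of the repository.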