718itbiz/ldap-server
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

files

Browse Source
This commit is contained in:
William Mantly
2020-05-13 12:38:47 -04:00
commit 309abf4e6a
8 changed files with 91 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
files/add_index.ldif Normal file
View File

@ -0,0 +1,3 @@
dn: olcDatabase={1}mdb,cn=config
add: olcDbIndex
olcDbIndex: mail eq,sub

4
files/logging.ldif Normal file
View File

@ -0,0 +1,4 @@
dn: cn=config
changetype: modify
replace: olcLogLevel
olcLogLevel: stats

17
files/memberof_config.ldif Normal file
View File

@ -0,0 +1,17 @@
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /usr/lib/ldap
dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

3
files/refint1.ldif Normal file
View File

@ -0,0 +1,3 @@
dn: cn=module{1},cn=config
add: olcmoduleload
olcmoduleload: refint

7
files/refint2.ldif Normal file
View File

@ -0,0 +1,7 @@
dn: olcOverlay={1}refint,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner

11
files/sshkey.ldif Normal file
View File

@ -0,0 +1,11 @@
dn: cn=openssh-lpk,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: openssh-lpk
olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
DESC 'MANDATORY: OpenSSH Public key'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcObjectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
DESC 'MANDATORY: OpenSSH LPK objectclass'
MAY ( sshPublicKey $ uid )
)

11
files/sudo.ldif Normal file
View File

@ -0,0 +1,11 @@
dn: cn=sudo,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: sudo
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC 'User(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' DESC 'Host(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.3 NAME 'sudoCommand' DESC 'Command(s) to be executed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.4 NAME 'sudoRunAs' DESC 'User(s) impersonated by sudo (deprecated)' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.5 NAME 'sudoOption' DESC 'Options(s) followed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.6 NAME 'sudoRunAsUser' DESC 'User(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: ( 1.3.6.1.4.1.15953.9.1.7 NAME 'sudoRunAsGroup' DESC 'Group(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcObjectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top AUXILIARY DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ description ) )

35
index.sh Normal file
View File

@ -0,0 +1,35 @@
#!/bin/bash
set -e
org_name="Theta42"
domain="theta42.com"
password=$1
echo "slapd slapd/internal/adminpw string $password" | debconf-set-selections
echo "slapd slapd/password1 string $password" | debconf-set-selections
echo "slapd slapd/password2 string $password" | debconf-set-selections
echo "slapd slapd/domain string $domain" | debconf-set-selections
echo "slapd slapd/backend string MDB" | debconf-set-selections
echo "slapd shared/organization string $org_name" | debconf-set-selections
echo "slapd slapd/purge_database boolean true" | debconf-set-selections
echo "slapd slapd/password_mismatchs string $password" | debconf-set-selections
echo "slapd slapd/no_configuration boolean false" | debconf-set-selections
echo "slapd slapd/allow_ldap_v2 string false" | debconf-set-selections
echo "slapd slapd/dump_database string when needed" | debconf-set-selections
echo "slapd slapd/move_old_database boolean true" | debconf-set-selections
echo "slapd slapd/invalid_config boolean true" | debconf-set-selections
apt install -y slapd ldap-utils
echo '' > /etc/ldap/ldap.conf
echo 'BASE dc=theta42,dc=com' >> /etc/ldap/ldap.conf
echo 'URI ldap://localhost' >> /etc/ldap/ldap.conf
ldapadd -Y EXTERNAL -H ldapi:/// -f files/sshkey.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/sudo.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/add_index.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/logging.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/memberof_config.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/refint1.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/refint2.ldif