[QUESTION] How to enable Hash Passwords in OpenLDAP #689

Ecenur2 opened this issue Feb 25, 2025 · 0 comments
Ecenur2 commented Feb 25, 2025

Hi all,

Can you help me? I need to enable password hashing at the OpenLDAP level.
I need a situation where clients send the password in PLAIN_TEXT and OpenLDAP stores it as {SSHA}.
I read issue #208 and tried to do the same things with Docker.

I would like to enable this:
http://xacmlinfo.org/2015/06/25/enable-hash-passwords-in-openldap/

but I do not know how to do this during container configuration.

This is my docker-compose.yml:
```yaml
networks:
  my_network:
    driver: bridge

services:
  openldap:
    image: osixia/openldap:latest
    container_name: openldap
    environment:
      LDAP_BASE_DN: "dc=example,dc=com"
      LDAP_ORGANISATION: "Example Organization"
      LDAP_DOMAIN: "example.com"
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_TLS: "false"
      LDAP_PASSWORD_HASH: "SSHA"
    volumes:
      - ./ldap/init.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-init.ldif
      - ./ldap/ppolicy.ldif:/etc/ldap/ppolicy.ldif
      - ./ldap/ppolicy_overlay.ldif:/etc/ldap/ppolicy_overlay.ldif
      - openldap-data:/var/lib/ldap
      - openldap-config:/etc/ldap/slapd.d
    networks:
      - my_network
    ports:
      - "389:389"
    command: --copy-service
    restart: unless-stopped
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: openldap
      PHPLDAPADMIN_HTTPS: "false" # deactivate HTTPS
    networks:
      - my_network
    ports:
      - "8081:80"
    restart: unless-stopped
    depends_on:
      - openldap

volumes:
  openldap-data:
    driver: local
  openldap-config:
    driver: local
```

and this is my Dockerfile
```dockerfile
# Dockerfile
FROM osixia/openldap:latest

COPY ./ldap/ppolicy.ldif /etc/ldap/ppolicy.ldif
COPY ./ldap/ppolicy_overlay.ldif /etc/ldap/ppolicy_overlay.ldif
COPY ./ldap/init.ldif /container/service/slapd/assets/config/bootstrap/ldif/custom/50-init.ldif

CMD ["sh", "-c", "sleep 5 && ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/ppolicy.ldif && ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/ppolicy_overlay.ldif && ldapadd -Y EXTERNAL -H ldapi:/// -f /container/service/slapd/assets/config/bootstrap/ldif/custom/50-init.ldif && /container/tool/run.sh"]
```

And my LDIF docs:

ppolicy_overlay.ldif
```ldif
dn: olcOverlay={2}ppolicy,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: {2}ppolicy
olcPPolicyHashCleartext: TRUE
```

ppolicy.ldif
```ldif
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: ppolicy
```

When I open my pgadmin I can't see SSHA; it looks like this:

Image

How can I fix this? Please help!!
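One way to confirm what the server actually stores, independent of any admin UI, is to dump the entries with `ldapsearch` and classify each `userPassword` value. The following is an added example, not part of the original issue or of the osixia/openldap project; the function names and the sample entries are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import re

SCHEME_RE = re.compile(rb"^\{([A-Za-z0-9-]+)\}")

def make_ssha(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password + salt).digest()
    return b"{SSHA}" + base64.b64encode(digest + salt)

def check_ssha(stored, password):
    """Verify a candidate password against a stored {SSHA} value."""
    if not stored.startswith(b"{SSHA}"):
        return False
    raw = base64.b64decode(stored[6:])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, the rest is salt
    return hmac.compare_digest(digest, hashlib.sha1(password + salt).digest())

def audit_ldif(ldif):
    """Map each entry DN to its userPassword scheme ('CLEARTEXT' if no {SCHEME} prefix)."""
    ldif = ldif.replace("\n ", "")  # unfold LDIF continuation lines
    result, dn = {}, None
    for line in ldif.splitlines():
        if line.startswith("dn: "):
            dn = line[4:]
        elif line.startswith("userPassword:") and dn is not None:
            if line.startswith("userPassword:: "):  # '::' marks a base64 value
                value = base64.b64decode(line[15:])
            else:
                value = line[len("userPassword: "):].encode()
            m = SCHEME_RE.match(value)
            result[dn] = m.group(1).decode().upper() if m else "CLEARTEXT"
    return result

# Constructed sample: alice stored as sent, bob hashed by the server.
_HASHED = make_ssha(b"s3cret", salt=b"\x01\x02\x03\x04")
SAMPLE_LDIF = (
    "dn: uid=alice,dc=example,dc=com\n"
    "userPassword:: " + base64.b64encode(b"s3cret").decode() + "\n"
    "\n"
    "dn: uid=bob,dc=example,dc=com\n"
    "userPassword:: " + base64.b64encode(_HASHED).decode() + "\n"
)

if __name__ == "__main__":
    for entry, scheme in audit_ldif(SAMPLE_LDIF).items():
        print(f"{scheme:10} {entry}")
```

`ldapsearch` prints `userPassword` base64-encoded (the `::` form), so a value that looks opaque in the dump can still be cleartext once decoded; the scheme prefix after decoding is what matters.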
