A dockerfile for the LDAP ToolBox (LTB) Self Service Password utility, which is a PHP application that allows users to change their password in an LDAP directory. See http://ltb-project.org/wiki/documentation/self-service-password
You can either run the image and link it to an external configuration file, or you can rebuild your own standalone image.
Pull the latest version of the image from the docker index. This is the recommended method of installation as it is easier to update image in the future. These builds are performed by the Docker Trusted Build service.
docker pull devsu/ldap-self-service-password:0.9
Then, provide your own config.inc.php
file, downloaded from http://tools.ltb-project.org/projects/ltb/repository/entry/self-service-password/tags/0.9/conf/config.inc.php and modified according to your settings.
You can now run container:
- in foreground:
docker run -it --rm -p 8765:80 -v /path/to/config.inc.php:/usr/share/self-service-password/conf/config.inc.php devsu/ldap-self-service-password:0.9
- as a daemon:
docker run -d -p 8765:80 -v /path/to/config.inc.php:/usr/share/self-service-password/conf/config.inc.php devsu/ldap-self-service-password:0.9
The examples above expose service on port 8765
, so you can point your browser to http://hostname:8765/ in order to change LDAP passwords.
git clone https://github.com/devsu/docker-ldap-self-service-password.git
cd docker-ldap-self-service-password
Edit assets/config.inc.php
according to your local settings, then (re)build image with:
docker build -t="$USER/ldap-self-service-password" .
You can now run container:
- in foreground:
docker run -it --rm -p 8765:80 $USER/ldap-self-service-password
- as a daemon:
docker run -d -p 8765:80 $USER/ldap-self-service-password
You can debug LDAP connection problems by adding this line in config.inc.php
:
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
Then inspect apache logs of a runnning container:
docker exec -ti $(docker ps | grep 'ldap-self-service-password' | awk '{print $1}') tail /var/log/apache2/error.log
When connecting with LDAPS protocol to a server wtih a self-signed certificate, you will see this error in apache logs:
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
Add this into config.inc.php
to disable all certificate validation:
putenv('LDAPTLS_REQCERT=never');