bitnami / containers

Bitnami container images
https://bitnami.com

[bitnami/openldap] cn=module,cn=config missing #48256

Closed jonnoss1 closed 1 year ago

jonnoss1 commented 1 year ago

Name and Version

bitnami/openldap:2.6

What architecture are you using?

None

What steps will reproduce the bug?

  1. Docker Desktop 4.21.0
  2. The sample/example docker-compose.yml [bitnami/openldap/docker-compose.yml] with these additional environment variables:
    • LDAP_CONFIG_ADMIN_ENABLED=yes
    • LDAP_CONFIG_ADMIN_USERNAME=admin
    • LDAP_CONFIG_ADMIN_PASSWORD=adminpass
$ docker compose up -d

$ ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=module*"  
No such object (32)
$ ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=module"       
No such object (32)
$ ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=module{0}"
No such object (32)

What is the expected behavior?

I expect to be able to find a valid directory entry for cn=module,cn=config.

What do you see instead?

I do not see an entry for cn=module,cn=config, or similar.

Additional information

No response

radokristof commented 1 year ago

I have the same problem. Config admin user is not created automatically on fresh startup.

CeliaGMqrz commented 1 year ago

Hi @radokristof @jonnoss1,

Thanks for reporting this issue.

I have been able to reproduce the error. To make sure that these entries are being created correctly, can you run the following?

ldapwhoami -vvv -x -H ldap://localhost:1389 -D "cn=adminConfig,cn=config" -w adminConfigPass
ldapsearch -x -H ldap://localhost:1389 -D "cn=adminConfig,cn=config" -b "cn=config" -w adminConfigPass

Env eg:

  environment:
    - BITNAMI_DEBUG=yes
    - LDAP_ADMIN_USERNAME=admin
    - LDAP_ADMIN_PASSWORD=adminpassword
    - LDAP_ROOT=dc=localhost,dc=com
    - LDAP_USERS=user01,user02
    - LDAP_PASSWORDS=password1,password2
    - LDAP_CONFIG_ADMIN_ENABLED=yes
    - LDAP_CONFIG_ADMIN_USERNAME=adminConfig
    - LDAP_CONFIG_ADMIN_PASSWORD=adminConfigPass

jonnoss1 commented 1 year ago

Hi @CeliaGMqrz,

I have attached the outputs. ldapsearch.txt ldapwhoami.txt

I had a look in libopenldap.sh and saw that the ldap_load_module() function was only called when env LDAP_CONFIGURE_PPOLICY=true.

Based on this I tested extending libopenldap.sh with support for the Sync Provider overlay which I wanted to use. This worked successfully so I'm actually happy to close as libopenldap.sh appears to be working as intended; only creating a cn=module entry when a supported module is enabled.

J

CeliaGMqrz commented 1 year ago

Hi @jonnoss1,

Thanks for your feedback!

It's great to hear that you were able to use libopenldap.sh to support the Sync Provider overlay successfully. Indeed, according to the logic, when the ppolicy module is activated, it calls the function ldap_load_module which activates this. Just as we added this module you could add any other module as a new feature request. Would you like to contribute by creating a PR to solve the issue? The Bitnami team will be happy to review it and provide feedback. Here you can find the contributing guidelines.

Also, you can add custom configuration through LDIF files; in this comment my colleague explains an example for it. I hope you find it helpful. If you have other questions do not hesitate to let us know.
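
The behaviour discussed above (no cn=module entry until a module is loaded), as an added example that is not part of the thread or of libopenldap.sh: given the result of searching cn=config for olcModuleList entries, it emits either an entry that creates cn=module or a change that appends to the existing one. MODULE_PATH, the function names and the sample LDIF are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumption: placeholder directory; set MODULE_PATH to the image's module dir.
MODULE_PATH="${MODULE_PATH:-/path/to/openldap/modules}"

# Constructed sample of what this search returns once ppolicy is loaded:
#   ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config \
#     '(objectClass=olcModuleList)'
SAMPLE_WITH_PPOLICY='dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /path/to/openldap/modules
olcModuleLoad: {0}ppolicy.so'

# Print the DN of the first cn=module entry in the LDIF on stdin (empty if none).
module_dn() {
  awk '/^dn: cn=module/ { sub(/^dn: /, ""); print; exit }'
}

# Succeed if module $1 (with or without file suffix) is listed in LDIF $2.
module_loaded() {
  base=${1%.*}
  printf '%s\n' "$2" |
    grep -Eq "^olcModuleLoad: (\{[0-9]+\})?${base}(\.[a-z]+)?\$"
}

# Emit the LDIF needed to load module $1, given the current search output $2.
# Prints nothing when the module is already loaded.
module_ldif() {
  mod=$1
  current=$2
  if module_loaded "$mod" "$current"; then
    return 0
  fi
  dn=$(printf '%s\n' "$current" | module_dn)
  if [ -z "$dn" ]; then
    # No cn=module entry exists yet (the case in this issue): feed to ldapadd.
    printf 'dn: cn=module,cn=config\ncn: module\nobjectClass: olcModuleList\n'
    printf 'olcModulePath: %s\nolcModuleLoad: %s\n' "$MODULE_PATH" "$mod"
  else
    # Entry exists: feed to ldapmodify to append one more olcModuleLoad value.
    printf 'dn: %s\nchangetype: modify\nadd: olcModuleLoad\n' "$dn"
    printf 'olcModuleLoad: %s\n' "$mod"
  fi
}
```

The first branch's output goes to ldapadd and the second to ldapmodify, using whatever cn=config bind the deployment has enabled.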

jonnoss1 commented 1 year ago

Hi @CeliaGMqrz,

Thanks for the confirmation. I would be happy to contribute the changes I have made. I will reference the PR here once created.

jonnoss1 commented 1 year ago

Hi @CeliaGMqrz,

PR created.

Support for the accesslog overlay is included as I had already implemented it for my requirement.

CeliaGMqrz commented 1 year ago

Hi @jonnoss1,

Thanks for creating this issue and the associated PR. The team will review it and provide feedback. Once the PR is merged, this issue will be automatically closed.

github-actions[bot] commented 1 year ago

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions[bot] commented 1 year ago

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.