osixia / docker-phpLDAPadmin

phpLDAPadmin container image 🐳🌴
MIT License

OpenLDAP & phpLDAPadmin in 1 tutorial not working locally #16

Closed chenrui333 closed 7 years ago

chenrui333 commented 8 years ago

I took the script from OpenLDAP & phpLDAPadmin in 1 and ran it locally.

Here is the local output:

PHPLDAP_CID: ed4acc79c6447c243425932c002b5f55c313aa74419a0f414f71223a76814858
PHP_LDAP_IP: 172.17.0.3
Go to: https://172.17.0.3
Login DN: cn=admin,dc=example,dc=org
Password: admin

Then I went to https://172.17.0.3; it stays hanging there and displays no results.

Can anyone tell me if I did anything wrong?

Thanks, Rui

osixia commented 8 years ago

Hello, can you try this script:

#!/bin/bash -e
docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.1

docker run --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.8

PHPLDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" phpldapadmin-service)

echo "Go to: https://$PHPLDAP_IP"
echo "Login DN: cn=admin,dc=example,dc=org"
echo "Password: admin"

and show the logs from the phpldapadmin container?

docker logs phpldapadmin-service

Thanks.

chenrui333 commented 8 years ago

Sorry for the late reply.

I restarted everything all over again, and found out the problem is still there.

Here is the log for the shell script:

Go to: https://172.17.0.3
Login DN: cn=admin,dc=example,dc=org
Password: admin

Here is the log output for docker logs phpldapadmin-service:

>docker logs phpldapadmin-service
*** CONTAINER_LOG_LEVEL = 3 (info)
*** Search service in CONTAINER_SERVICE_DIR = /container/service :
*** link /container/service/:apache2/startup.sh to /container/run/startup/:apache2
*** link /container/service/:apache2/process.sh to /container/run/process/:apache2/run
*** link /container/service/:cfssl/startup.sh to /container/run/startup/:cfssl
*** link /container/service/:cron/startup.sh to /container/run/startup/:cron
*** link /container/service/:cron/process.sh to /container/run/process/:cron/run
*** link /container/service/:logrotate/startup.sh to /container/run/startup/:logrotate
*** link /container/service/:php5-fpm/startup.sh to /container/run/startup/:php5-fpm
*** link /container/service/:php5-fpm/process.sh to /container/run/process/:php5-fpm/run
*** link /container/service/:syslog-ng-core/startup.sh to /container/run/startup/:syslog-ng-core
*** link /container/service/:syslog-ng-core/process.sh to /container/run/process/:syslog-ng-core/run
*** link /container/service/ldap-client/startup.sh to /container/run/startup/ldap-client
*** link /container/service/phpldapadmin/startup.sh to /container/run/startup/phpldapadmin
*** Set environment for startup files
*** Environment files will be proccessed in this order : 
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running /container/run/startup/:apache2...
*** Running /container/run/startup/:cfssl...
*** Running /container/run/startup/:cron...
*** Running /container/run/startup/:logrotate...
*** Running /container/run/startup/:php5-fpm...
*** Running /container/run/startup/:syslog-ng-core...
*** Running /container/run/startup/ldap-client...
No certificate file and certificate key provided, generate:
/container/service/ldap-client/assets/certs/ldap-client.crt and /container/service/ldap-client/assets/certs/ldap-client.key
2016/02/04 06:09:50 [INFO] generate received request
2016/02/04 06:09:50 [INFO] received CSR
2016/02/04 06:09:50 [INFO] generating key: ecdsa-384
2016/02/04 06:09:50 [INFO] encoded CSR
2016/02/04 06:09:50 [INFO] signed certificate with serial number 678705771691458166783078847638698126562704241303
Link /container/service/:cfssl/assets/default-ca/default-ca.pem to /container/service/ldap-client/assets/certs/ldap-ca.crt
*** Running /container/run/startup/phpldapadmin...
Set apache2 https config...
No certificate file and certificate key provided, generate:
/container/service/phpldapadmin/assets/apache2/certs/phpldapadmin.crt and /container/service/phpldapadmin/assets/apache2/certs/phpldapadmin.key
2016/02/04 06:09:50 [INFO] generate received request
2016/02/04 06:09:50 [INFO] received CSR
2016/02/04 06:09:50 [INFO] generating key: ecdsa-384
2016/02/04 06:09:50 [INFO] encoded CSR
2016/02/04 06:09:50 [INFO] signed certificate with serial number 558640707640329249577851019292306804956244790273
Link /container/service/:cfssl/assets/default-ca/default-ca.pem to /container/service/phpldapadmin/assets/apache2/certs/ca.crt
Bootstap phpLDAPadmin...
tr: write error: Broken pipe
tr: write error
*** Set environment for container process
*** Environment files will be proccessed in this order : 
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running runit daemon...
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
Feb  4 06:09:51 phpldapadmin-service syslog-ng[856]: syslog-ng starting up; version='3.5.6'

chenrui333 commented 8 years ago

@osixia, and I could not use ApacheDirectoryStudio to directly access the server either.

I could run the container and exec into it interactively, but could not use ApacheDirectoryStudio to connect to it.

>docker run -d -p 389:389 --name ldap -t  osixia/openldap:1.1.0
>docker exec -it ldap bash
root@fd8f06230b23:/# ldapsearch -x -h localhost -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.org
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example Inc.
dc: example

# admin, example.org
dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9aDQvRXlFRC9PYnFUVlNLRkVnL1ArbnpVbTRvWDd5bTA=

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

osixia commented 8 years ago

Everything seems ok, did you try to access https://172.17.0.3 from the same machine where your containers are running?

Note that 172.17.0.3 is the phpLDAPadmin container IP address, not the LDAP container IP address. So I guess in ApacheDirectoryStudio you must set the LDAP container IP address.

chenrui333 commented 8 years ago

Yes, I did access thru the same machine.

Yes, I did set up a separate docker-machine and a separate IP for the LDAP container as well.

osixia commented 8 years ago

I can't help if you are running docker on OS X or Windows, sorry.

chenrui333 commented 8 years ago

@osixia, yes, I did it on Mac OS. I will try on Linux later today.

But what would be the difference?

osixia commented 8 years ago

There were a lot of problems with docker-machine; maybe it's more mature now, but I don't know.

chenrui333 commented 8 years ago

So you mean docker-machine on Linux is quite different from the one running on Mac OS?

osixia commented 8 years ago

I don't know about docker-machine; I was thinking of how docker globally works on Mac OS and Windows with a Linux VM, and there were a lot of problems with that.

chenrui333 commented 8 years ago

ok

osixia commented 8 years ago

The quick start example is just a bash script that should be run on a Linux OS with docker, but if you manage to make it work with docker-machine / docker-compose or whatever, I would be pleased to add this to the README :)

chenrui333 commented 8 years ago

Sounds good, I will do it later today.

chenrui333 commented 8 years ago

It indeed works on the Linux machine, tested on Ubuntu 14.04.

Log output for docker logs phpldapadmin-service:

$ sudo docker logs phpldapadmin-service
*** CONTAINER_LOG_LEVEL = 3 (info)
*** Search service in CONTAINER_SERVICE_DIR = /container/service :
*** link /container/service/:apache2/startup.sh to /container/run/startup/:apache2
*** link /container/service/:apache2/process.sh to /container/run/process/:apache2/run
*** link /container/service/:cfssl/startup.sh to /container/run/startup/:cfssl
*** link /container/service/:cron/startup.sh to /container/run/startup/:cron
*** link /container/service/:cron/process.sh to /container/run/process/:cron/run
*** link /container/service/:logrotate/startup.sh to /container/run/startup/:logrotate
*** link /container/service/:php5-fpm/startup.sh to /container/run/startup/:php5-fpm
*** link /container/service/:php5-fpm/process.sh to /container/run/process/:php5-fpm/run
*** link /container/service/:syslog-ng-core/startup.sh to /container/run/startup/:syslog-ng-core
*** link /container/service/:syslog-ng-core/process.sh to /container/run/process/:syslog-ng-core/run
*** link /container/service/ldap-client/startup.sh to /container/run/startup/ldap-client
*** link /container/service/phpldapadmin/startup.sh to /container/run/startup/phpldapadmin
*** Set environment for startup files
*** Environment files will be proccessed in this order : 
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running /container/run/startup/:apache2...
*** Running /container/run/startup/:cfssl...
*** Running /container/run/startup/:cron...
*** Running /container/run/startup/:logrotate...
*** Running /container/run/startup/:php5-fpm...
*** Running /container/run/startup/:syslog-ng-core...
*** Running /container/run/startup/ldap-client...
No certificate file and certificate key provided, generate:
/container/service/ldap-client/assets/certs/ldap-client.crt and /container/service/ldap-client/assets/certs/ldap-client.key
2016/02/04 23:33:07 [INFO] generate received request
2016/02/04 23:33:07 [INFO] received CSR
2016/02/04 23:33:07 [INFO] generating key: ecdsa-384
2016/02/04 23:33:07 [INFO] encoded CSR
2016/02/04 23:33:07 [INFO] signed certificate with serial number 339515317954423315082173414733848907516063598681
Link /container/service/:cfssl/assets/default-ca/default-ca.pem to /container/service/ldap-client/assets/certs/ldap-ca.crt
*** Running /container/run/startup/phpldapadmin...
Set apache2 https config...
No certificate file and certificate key provided, generate:
/container/service/phpldapadmin/assets/apache2/certs/phpldapadmin.crt and /container/service/phpldapadmin/assets/apache2/certs/phpldapadmin.key
2016/02/04 23:33:07 [INFO] generate received request
2016/02/04 23:33:07 [INFO] received CSR
2016/02/04 23:33:07 [INFO] generating key: ecdsa-384
2016/02/04 23:33:07 [INFO] encoded CSR
2016/02/04 23:33:07 [INFO] signed certificate with serial number 482667326846838888808613753219698680407204434242
Link /container/service/:cfssl/assets/default-ca/default-ca.pem to /container/service/phpldapadmin/assets/apache2/certs/ca.crt
Bootstap phpLDAPadmin...
tr: write error: Broken pipe
tr: write error
*** Set environment for container process
*** Environment files will be proccessed in this order : 
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.yaml

To see how this files are processed and environment variables values,
run this container with '--loglevel debug'
*** Running runit daemon...
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
Feb  4 23:33:08 phpldapadmin-service syslog-ng[867]: syslog-ng starting up; version='3.5.6'

chenrui333 commented 8 years ago

Besides, the LDAP container connection with ApacheDirectoryStudio works as well on Linux.

maurocj commented 6 years ago

I have a Mac too and had the same issue, but this works for me:

First, run: docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.1

Then run: docker run --name phpldapadmin-service -p 6443:443 --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.8

Now access it via the IP assigned to the VM, which in my case is https://192.168.99.100:6443
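
The difference the thread arrives at (container bridge IP on native Linux, VM address plus published port under docker-machine), as an added example that is not part of the original thread or the project's scripts. The function names and the docker-machine VM name `default` are assumptions; the container name comes from the commands above.

```shell
#!/bin/bash
# Added example: pick a phpLDAPadmin URL that the host can actually reach.
# Function names and the VM name "default" are assumptions, not project code.

# Extract the host port from `docker port` output such as "0.0.0.0:6443".
published_port() {
  printf '%s\n' "$1" | head -n 1 | sed 's/.*://'
}

# Pure decision logic: $1 = uname -s, $2 = container bridge IP,
# $3 = VM IP (empty on Linux), $4 = published host port (empty if none).
reachable_url() {
  local os="$1" container_ip="$2" vm_ip="$3" port="$4"
  if [ "$os" = "Linux" ] && [ -n "$container_ip" ]; then
    # Native Linux: the docker bridge network is routed from the host.
    echo "https://$container_ip"
  elif [ -n "$vm_ip" ] && [ -n "$port" ]; then
    # docker-machine: the bridge exists only inside the VM, so go through
    # the VM address and the port published with -p.
    echo "https://$vm_ip:$port"
  else
    echo "no reachable address: publish 443 with -p <host-port>:443" >&2
    return 1
  fi
}

main() {
  local os cip vmip port url
  os=$(uname -s)
  cip=$(docker inspect -f '{{ .NetworkSettings.IPAddress }}' phpldapadmin-service)
  port=$(published_port "$(docker port phpldapadmin-service 443 2>/dev/null)")
  vmip=""
  [ "$os" = "Linux" ] || vmip=$(docker-machine ip default)
  url=$(reachable_url "$os" "$cip" "$vmip" "$port") || return 1
  # -k: the image generated its own certificate (see the startup log);
  # --max-time turns the "hangs forever" symptom into a clear failure.
  if curl -k -s -o /dev/null --max-time 5 "$url"; then
    echo "Go to: $url"
  else
    echo "Timed out or refused: $url" >&2
    return 1
  fi
}

# Run the live check only when asked, e.g.: ./check.sh run
if [ "${1:-}" = "run" ]; then main; fi
```

Publishing the port makes the admin UI reachable from outside the Docker host, so the default `admin` password shown in the quick-start output should be changed before doing this on a shared network.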