LDAP Manager is the cloud-native LDAP web management interface. LDAP has been around for a long time and has become a popular choice for user and group management - however, this should not mean that it's management interface should be hard to deploy and look and feel like it was made in the last century.
LDAP Manager is written in Go and comes with a Vue/Typescript frontend in a single, self-contained docker container. It also exposes it's API over both REST and gRPC!
Before you get started, make sure you have an OpenLDAP server like osixia/openldap running. For more information on deployment and a full example, see the deployment guide.
go install github.com/romnn/ldap-manager/cmd/ldap-manager
ldap-manager serve --generate
go run github.com/romnn/ldap-manager/cmd/ldap-manager serve --generate --http-port 8090
You can also download pre-built binaries from the
releases page,
or use the docker
image:
docker run -p 8080:80 -p 9090:9090 romnn/ldap-manager --generate
For a list of options, run with --help
. If you want to deploy OpenLDAP with LDAP Manager, read along.
helm dependency update deployment/helm/charts/ldapmanager/
COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose -f deployment/docker-compose.yml up
TODO
- when creating new groups, errors are not properly passed through
- when creating new group, cannot add initial members
- removing groups in edit user does not do anything (no errors)
- errors when removing from group in user edit page break layout
- memberof does not respect the initial admin user for both users and admins groups
- Serving the frontend externally
If you have a cluster environment and want to scale the
ldap-manager
container individually or use a more performant static content server likenginx
, you can disable serving static content using the--no-static
(NO_STATIC
) flag.
Before you get started, make sure you have installed the following tools:
$ python3 -m pip install pre-commit bump2version invoke
$ go install github.com/kyoh86/richgo@latest
$ go install golang.org/x/tools/cmd/goimports@latest
$ go install golang.org/x/lint/golint@latest
$ go install github.com/fzipp/gocyclo/cmd/gocyclo@latest
Please always make sure code checks pass:
inv pre-commit
If you want to (re-)compile the grpc service and gateway .proto
source files,
you will need
protoc
protoc-gen-go
protoc-gen-go-grpc
.protoc-gen-grpc-gateway
protoc-gen-openapiv2
apt install -y protobuf-compiler
brew install protobuf
go install google.golang.org/protobuf/cmd/protoc-gen-go@latest
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest
go install github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-grpc-gateway@latest
go install github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2@latest
To compile the protos, you can use the provided script:
inv compile-proto
cd deployment/screenshot
yarn install --dev
yarn run screenshot
-
v2
-
refactor to use manual ldap search only where necessary
-
use an interface for the main functions of the manager in GRPC server
-
point out that the goal is user management only
-
documentation
-
-
nice to have
-
test the grpc and http servers as well
-
Implement CLI interface
- new acc
- change password
- add group
- add member to group
- list users
- verify?
-
-
done
- refactor in general
- add integration test with harbor
- fix the docker container
- fix the frontend
- binds should always open new connections
- function that opens a new connection
- add a simple connection pool
- fix nil pointer errors
- decide what goes into pkg and what goes into internal
- add tests for each file in pkg
- Implement missing password hashing algorithms
- Embed crypt(3) as vendored?
- Fix flaky tests using fuzzy testing and check slappasswd source
- add pagination
- get rid of the password hashing mess
- decide on a consistent naming (user vs account)
- split into more files
- update dependencies
- fix issues and use new api for grpc and http without a base
- add images to the readme