9 changed files with 0 additions and 774 deletions
--- a/GITLAB-LDAP-SETUP.md
+++ b/GITLAB-LDAP-SETUP.md
@ -1,192 +0,0 @@
 # GitLab LDAP集成部署指南
 本指南将帮助您将现有的GitLab实例与LDAP服务器集成，实现统一的用户认证。
 ## 部署方案
 我们提供了两种部署方案：
 ### 方案一：使用Docker Compose（推荐）
 使用提供的 `docker-compose.yml` 文件，一次性部署GitLab + OpenLDAP + phpLDAPadmin
 ### 方案二：修改现有GitLab配置
 修改您现有的GitLab容器配置以连接到LDAP服务器
 ## 快速开始
 ### 1. 停止现有的GitLab容器
 ```bash
 docker stop gitlab
 docker rm gitlab
 ```
 ### 2. 使用Docker Compose部署
 ```bash
 # 在项目目录中运行
 docker-compose up -d
 ```
 这将启动以下服务：
 - **OpenLDAP**: LDAP服务器 (端口 389)
 - **phpLDAPadmin**: LDAP管理界面 (端口 8081)
 - **GitLab**: GitLab服务器 (端口 8880)
 ### 3. 初始化LDAP数据
 等待所有容器启动后，导入初始数据：
 ```bash
 # 将LDIF文件复制到OpenLDAP容器
 docker cp ldap-init.ldif openldap:/tmp/
 # 导入数据
 docker exec openldap ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -f /tmp/ldap-init.ldif
 ```
 ### 4. 验证部署
 #### 访问服务
 - **GitLab**: http://localhost:8880
 - **phpLDAPadmin**: http://localhost:8081
 - **LDAP管理系统**: http://localhost:8080/ldap-demo/web/
 #### 测试LDAP连接
 ```bash
 # 测试LDAP连接
 docker exec openldap ldapsearch -x -H ldap://localhost -b dc=example,dc=com -D "cn=admin,dc=example,dc=com" -w admin
 ```
 ## 配置说明
 ### LDAP服务器配置
 - **服务器地址**: openldap (容器内) / localhost:389 (外部)
 - **基础DN**: dc=example,dc=com
 - **管理员DN**: cn=admin,dc=example,dc=com
 - **管理员密码**: admin
 - **用户基础**: ou=people,dc=example,dc=com
 - **组基础**: ou=groups,dc=example,dc=com
 ### GitLab LDAP配置
 GitLab已配置为：
 - 允许LDAP用户登录
 - 自动创建LDAP用户账户
 - 支持用户名或邮箱登录
 - 映射LDAP属性到GitLab用户信息
 ### 测试用户
 系统已创建以下测试用户：
 | 用户名 | 密码 | 邮箱 | 角色 | 组 |
 |--------|------|------|------|-----|
 | john.doe | password123 | john.doe@example.com | Senior Developer | developers |
 | jane.smith | password123 | jane.smith@example.com | Project Manager | administrators |
 | bob.wilson | password123 | bob.wilson@example.com | DevOps Engineer | developers |
 ## 使用您现有的GitLab容器
 如果您想继续使用现有的GitLab容器，请按以下步骤操作：
 ### 1. 启动LDAP服务器
 ```bash
 # 只启动LDAP相关服务
 docker-compose up -d openldap phpldapadmin
 ```
 ### 2. 修改GitLab配置
 将 `gitlab-ldap-config.rb` 中的配置添加到您的GitLab配置文件：
 `/d/23_Gitlab/DockerData/GitlabData/config/gitlab.rb`
 ### 3. 重新配置GitLab
 ```bash
 docker exec gitlab gitlab-ctl reconfigure
 docker exec gitlab gitlab-ctl restart
 ```
 ## 自定义配置
 ### 修改LDAP域名
 如果您想使用不同的域名，请修改以下文件：
 - `docker-compose.yml` 中的环境变量
 - `ldap-init.ldif` 中的DN
 - GitLab配置中的base DN
 ### 添加更多用户
 您可以通过以下方式添加用户：
 1. 使用phpLDAPadmin Web界面 (http://localhost:8081)
 2. 使用您的LDAP管理系统 (http://localhost:8080/ldap-demo/web/)
 3. 使用LDIF文件和ldapadd命令
 ### SSL/TLS配置
 生产环境建议启用SSL/TLS：
 ```bash
 # 生成自签名证书（仅用于测试）
 docker exec openldap openssl req -new -x509 -nodes -out /container/service/slapd/assets/certs/ldap.crt -keyout /container/service/slapd/assets/certs/ldap.key -days 365
 ```
 ## 故障排除
 ### 常见问题
 1. **GitLab无法连接LDAP**
   - 检查容器网络连接
   - 验证LDAP服务器是否正常运行
   - 检查防火墙设置
 2. **LDAP用户无法登录GitLab**
   - 验证用户DN格式
   - 检查用户密码
   - 查看GitLab日志
 3. **权限问题**
   - 确保LDAP管理员有足够权限
   - 检查组映射配置
 ### 查看日志
 ```bash
 # GitLab日志
 docker logs gitlab
 # LDAP日志
 docker logs openldap
 # GitLab LDAP调试
 docker exec gitlab grep -i ldap /var/log/gitlab/gitlab-rails/production.log
 ```
 ### 测试LDAP认证
 ```bash
 # 测试用户认证
 docker exec openldap ldapwhoami -x -D "uid=john.doe,ou=people,dc=example,dc=com" -w password123
 ```
 ## 安全建议
 1. **更改默认密码**: 修改LDAP管理员密码
 2. **启用TLS**: 在生产环境中启用LDAP over TLS
 3. **网络隔离**: 使用防火墙限制LDAP服务器访问
 4. **定期备份**: 备份LDAP数据和GitLab配置
 5. **监控日志**: 定期检查认证日志
 ## 下一步
 1. 测试LDAP用户登录GitLab
 2. 配置GitLab项目权限
 3. 设置LDAP组到GitLab角色的映射
 4. 配置邮件通知
 5. 设置备份策略
 如有问题，请查看日志文件或联系系统管理员。
--- a/docker-compose-mattermost.yml
+++ b/docker-compose-mattermost.yml
@ -1,84 +0,0 @@
 version: "3.8"
 services:
  # Mattermost Team Edition
  mattermost:
    image: mattermost/mattermost-team-edition:latest
    container_name: mattermost
    hostname: mattermost
    ports:
      - "8065:8065"
    environment:
      # 数据库配置
      MM_SQLSETTINGS_DRIVERNAME: "postgres"
      MM_SQLSETTINGS_DATASOURCE: "postgres://mattermost:mattermost_password@postgres:5432/mattermost?sslmode=disable&connect_timeout=10"
      # 服务配置
      MM_SERVICESETTINGS_SITEURL: "http://localhost:8065"
      MM_SERVICESETTINGS_LISTENADDRESS: ":8065"
      MM_SERVICESETTINGS_ENABLEDEVELOPER: "true"
      # 文件存储配置
      MM_FILESETTINGS_DRIVERNAME: "local"
      MM_FILESETTINGS_DIRECTORY: "/mattermost/data/"
      # 日志配置
      MM_LOGSETTINGS_ENABLECONSOLE: "true"
      MM_LOGSETTINGS_CONSOLELEVEL: "INFO"
      # 用户配置
      MM_TEAMSETTINGS_ENABLEUSERCREATION: "true"
      MM_TEAMSETTINGS_ENABLEOPENSERVER: "true"
      MM_SERVICESETTINGS_ENABLEEMAILINVITATIONS: "false"
      # 安全配置
      MM_SERVICESETTINGS_ENABLEINSECUREOUTGOINGCONNECTIONS: "true"
      # 插件配置
      MM_PLUGINSETTINGS_ENABLE: "true"
      MM_PLUGINSETTINGS_ENABLEUPLOADS: "true"
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - mattermost_network
    volumes:
      - ./mattermost_data:/mattermost/data
      - ./mattermost_config:/mattermost/config
      - ./mattermost_logs:/mattermost/logs
      - ./mattermost_plugins:/mattermost/plugins
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8065/api/v4/system/ping"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 90s
  # PostgreSQL数据库
  postgres:
    image: postgres:13-alpine
    container_name: mattermost_postgres
    environment:
      POSTGRES_DB: mattermost
      POSTGRES_USER: mattermost
      POSTGRES_PASSWORD: mattermost_password
      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
    volumes:
      - ./postgres_data:/var/lib/postgresql/data
    networks:
      - mattermost_network
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U mattermost -d mattermost"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s
 networks:
  mattermost_network:
    driver: bridge
 # 使用绑定挂载，数据存储在当前目录下
 # volumes 部分已删除，因为使用 ./目录 的绑定挂载
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,95 +0,0 @@
 version: "3.6"
 services:
  # OpenLDAP服务器
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    hostname: openldap
    ports:
      - "389:389"
      - "636:636"
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "Example Inc."
      LDAP_DOMAIN: "example.com"
      LDAP_BASE_DN: "dc=example,dc=com"
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_READONLY_USER: "false"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "false"
      LDAP_REPLICATION: "false"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
    volumes:
      - ./ldap_data:/var/lib/ldap
      - ./ldap_config:/etc/ldap/slapd.d
    networks:
      - gitlab_network
    restart: unless-stopped
  # LDAP管理界面 (phpLDAPadmin)
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
    ports:
      - "8081:80"
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped
  # GitLab
  gitlab:
    image: gitlab/gitlab-ce:latest
    container_name: gitlab
    hostname: localhost
    ports:
      - "8880:8880"
      - "443:443"
      - "22:22"
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://localhost:8880'
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = {
          'main' => {
            'label' => 'LDAP',
            'host' => 'openldap',
            'port' => 389,
            'uid' => 'uid',
            'bind_dn' => 'cn=admin,dc=example,dc=com',
            'password' => 'admin',
            'encryption' => 'plain',
            'verify_certificates' => false,
            'timeout' => 10,
            'active_directory' => false,
            'user_filter' => '',
            'base' => 'dc=example,dc=com',
            'lowercase_usernames' => false,
            'allow_username_or_email_login' => true,
            'block_auto_created_users' => false
          }
        }
    volumes:
      - ./gitlab_config:/etc/gitlab
      - ./gitlab_log:/var/log/gitlab
      - ./gitlab_data:/var/opt/gitlab
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped
 networks:
  gitlab_network:
    driver: bridge
--- a/docker-compose1.yml
+++ b/docker-compose1.yml
@ -1,97 +0,0 @@
 version: "3.6"
 services:
  # OpenLDAP服务器
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    hostname: openldap
    ports:
      - "389:389"
      - "636:636"
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "Example Inc."
      LDAP_DOMAIN: "example.com"
      LDAP_BASE_DN: "dc=example,dc=com"
      LDAP_ADMIN_PASSWORD: "admin"
      LDAP_CONFIG_PASSWORD: "config"
      LDAP_READONLY_USER: "false"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "false"
      LDAP_REPLICATION: "false"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
    volumes:
      - ./ldap_data:/var/lib/ldap
      - ./ldap_config:/etc/ldap/slapd.d
    networks:
      - gitlab_network
    restart: unless-stopped
  # LDAP管理界面 (phpLDAPadmin)
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
    ports:
      - "8081:80"
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped
  # GitLab
  gitlab:
    image: gitlab/gitlab-ce:latest
    container_name: gitlab
    hostname: localhost
    ports:
      - "8880:8880"
      - "443:443"
      - "22:22"
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://localhost:8880'
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = {
          'main' => {
            'label' => 'LDAP',
            'host' => 'openldap',
            'port' => 389,
            'uid' => 'uid',
            'bind_dn' => 'cn=admin,dc=example,dc=com',
            'password' => 'admin',
            'encryption' => 'plain',
            'verify_certificates' => false,
            'timeout' => 10,
            'active_directory' => false,
            'user_filter' => '',
            'base' => 'dc=example,dc=com',
            'lowercase_usernames' => false,
            'allow_username_or_email_login' => true,
            'block_auto_created_users' => false
          }
        }
    volumes:
      - /d/23_Gitlab/DockerData/GitlabData/config:/etc/gitlab
      - /d/23_Gitlab/DockerData/GitlabData/log:/var/log/gitlab
      - /d/23_Gitlab/DockerData/GitlabData/data:/var/opt/gitlab
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped
 volumes:
  ldap_data:
  ldap_config:
 networks:
  gitlab_network:
    driver: bridge
--- a/gitlab-ldap-config.rb
+++ b/gitlab-ldap-config.rb
@ -1,66 +0,0 @@
 # GitLab LDAP配置文件
 # 将此配置添加到 /d/23_Gitlab/DockerData/GitlabData/config/gitlab.rb 文件中
 # 外部URL配置
 external_url 'http://localhost:8880'
 # LDAP配置
 gitlab_rails['ldap_enabled'] = true
 gitlab_rails['prevent_ldap_sign_in'] = false
 # LDAP服务器配置
 gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main: # 'main' 是任意的标签，用于标识LDAP服务器
    label: 'LDAP'
    host: 'host.docker.internal'  # 如果LDAP服务器在宿主机上运行
    port: 389
    uid: 'uid'  # 用户名属性，根据您的LDAP架构调整
    bind_dn: 'cn=admin,dc=example,dc=com'  # 管理员DN
    password: 'admin'  # 管理员密码
    encryption: 'plain' # 可选: 'start_tls' 或 'simple_tls'
    verify_certificates: false
    smartcard_auth: false
    active_directory: false
    allow_username_or_email_login: true
    lowercase_usernames: false
    block_auto_created_users: false
    base: 'dc=example,dc=com'  # LDAP基础DN
    user_filter: ''
    ## EE only
    group_base: 'ou=groups,dc=example,dc=com'  # 组基础DN
    admin_group: 'administrators'  # 管理员组
    sync_ssh_keys: false
    # 用户属性映射
    attributes:
      username: ['uid', 'userid', 'sAMAccountName']
      email: ['mail', 'email', 'userPrincipalName']
      name: 'cn'
      first_name: 'givenName'
      last_name: 'sn'
 EOS
 # 其他GitLab配置
 gitlab_rails['time_zone'] = 'Asia/Shanghai'
 # 邮件配置（可选）
 gitlab_rails['gitlab_email_enabled'] = true
 gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
 gitlab_rails['gitlab_email_display_name'] = 'GitLab'
 # 备份配置（可选）
 gitlab_rails['backup_keep_time'] = 604800  # 7天
 # 日志级别
 gitlab_rails['log_level'] = 'INFO'
 # 禁用一些不需要的服务以节省资源（可选）
 prometheus_monitoring['enable'] = false
 alertmanager['enable'] = false
 grafana['enable'] = false
 # 如果您想要启用HTTPS，取消注释以下配置
 # external_url 'https://localhost'
 # nginx['redirect_http_to_https'] = true
 # nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
 # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
--- a/ldap-init.ldif
+++ b/ldap-init.ldif
@ -1,109 +0,0 @@
 # LDAP初始化数据文件
 # 用于创建基本的组织单位、用户和组
 # 创建组织单位 - 用户
 dn: ou=people,dc=example,dc=com
 objectClass: organizationalUnit
 ou: people
 description: 用户组织单位
 # 创建组织单位 - 组
 dn: ou=groups,dc=example,dc=com
 objectClass: organizationalUnit
 ou: groups
 description: 组织单位
 # 创建管理员组
 dn: cn=administrators,ou=groups,dc=example,dc=com
 objectClass: groupOfNames
 cn: administrators
 description: 系统管理员组
 member: cn=admin,dc=example,dc=com
 # 创建开发者组
 dn: cn=developers,ou=groups,dc=example,dc=com
 objectClass: groupOfNames
 cn: developers
 description: 开发者组
 member: cn=admin,dc=example,dc=com
 # 创建测试用户1
 dn: uid=john.doe,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: john.doe
 sn: Doe
 givenName: John
 cn: John Doe
 displayName: John Doe
 uidNumber: 1001
 gidNumber: 1001
 userPassword: password123
 gecos: John Doe
 loginShell: /bin/bash
 homeDirectory: /home/john.doe
 mail: john.doe@example.com
 telephoneNumber: +1-555-0001
 title: Senior Developer
 departmentNumber: IT
 description: Senior Software Developer
 # 创建测试用户2
 dn: uid=jane.smith,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: jane.smith
 sn: Smith
 givenName: Jane
 cn: Jane Smith
 displayName: Jane Smith
 uidNumber: 1002
 gidNumber: 1002
 userPassword: password123
 gecos: Jane Smith
 loginShell: /bin/bash
 homeDirectory: /home/jane.smith
 mail: jane.smith@example.com
 telephoneNumber: +1-555-0002
 title: Project Manager
 departmentNumber: IT
 description: IT Project Manager
 # 创建测试用户3
 dn: uid=bob.wilson,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: bob.wilson
 sn: Wilson
 givenName: Bob
 cn: Bob Wilson
 displayName: Bob Wilson
 uidNumber: 1003
 gidNumber: 1003
 userPassword: password123
 gecos: Bob Wilson
 loginShell: /bin/bash
 homeDirectory: /home/bob.wilson
 mail: bob.wilson@example.com
 telephoneNumber: +1-555-0003
 title: DevOps Engineer
 departmentNumber: IT
 description: DevOps and Infrastructure Engineer
 # 将用户添加到开发者组
 dn: cn=developers,ou=groups,dc=example,dc=com
 changetype: modify
 add: member
 member: uid=john.doe,ou=people,dc=example,dc=com
 -
 add: member
 member: uid=bob.wilson,ou=people,dc=example,dc=com
 # 将管理员用户添加到管理员组
 dn: cn=administrators,ou=groups,dc=example,dc=com
 changetype: modify
 add: member
 member: uid=jane.smith,ou=people,dc=example,dc=com
--- a/step.md
+++ b/step.md
@ -1,49 +0,0 @@
 # 将LDIF文件复制到OpenLDAP容器
 docker cp ldap-init.ldif openldap:/tmp/
 # 导入数据
 docker exec openldap ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -f /tmp/ldap-init.ldif
 ldap
 用户DN: cn=admin,dc=example,dc=com
 密码: admin
 RDN 是 Relative Distinguished Name（相对可分辨名称）的缩写，是LDAP中的一个重要概念。
 RDN 解释
 1. 什么是RDN
   RDN 是LDAP条目在其父容器中的唯一标识符
   它是DN（Distinguished Name）的最左边部分
   类似于文件系统中的文件名
 2. 举例说明
   完整DN: uid=Guwan,ou=people,dc=example,dc=com
 RDN: uid=Guwan （最左边的部分）
 父DN: ou=people,dc=example,dc=com
 3. 常见的RDN格式
   RDN格式	含义	用途
   uid=john	User ID	用户账户
   cn=John Doe	Common Name	人员或组
   ou=people	Organizational Unit	组织单位
   dc=example	Domain Component	域名组件
 4. 在您的情况下
   当您创建用户时，系统会问您要使用什么作为RDN：
 选择 uid: 创建 uid=Guwan,ou=people,dc=example,dc=com
 选择 cn: 创建 cn=Guwan,ou=people,dc=example,dc=com
 5. 为什么重要
   唯一性: 同一容器中不能有相同的RDN
   引用: 其他系统（如GitLab）通过RDN来识别用户
   搜索: LDAP搜索时RDN是重要的查找依据
 6. 在创建用户界面中
   当您看到RDN选择时：
 选择 uid 如果您想要 uid=Guwan 格式
 选择 cn 如果您想要 cn=Guwan 格式
 对于GitLab LDAP集成，通常推荐使用 uid 作为RDN，因为：
 更符合用户账户的标准
 GitLab配置中使用 uid 字段进行认证
 与其他现有用户（uid=bob.wilson 等）保持一致
--- a/update-passwords.ldif
+++ b/update-passwords.ldif
@ -1,15 +0,0 @@
 # 更新用户密码
 dn: uid=john.doe,ou=people,dc=example,dc=com
 changetype: modify
 replace: userPassword
 userPassword: password123
 dn: uid=jane.smith,ou=people,dc=example,dc=com
 changetype: modify
 replace: userPassword
 userPassword: password123
 dn: uid=bob.wilson,ou=people,dc=example,dc=com
 changetype: modify
 replace: userPassword
 userPassword: password123
--- a/users-only.ldif
+++ b/users-only.ldif
@ -1,67 +0,0 @@
 # 只创建用户，不包含已存在的组织单位
 # 创建测试用户1
 dn: uid=john.doe,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: john.doe
 sn: Doe
 givenName: John
 cn: John Doe
 displayName: John Doe
 uidNumber: 1001
 gidNumber: 1001
 userPassword: password123
 gecos: John Doe
 loginShell: /bin/bash
 homeDirectory: /home/john.doe
 mail: john.doe@example.com
 telephoneNumber: +1-555-0001
 title: Senior Developer
 departmentNumber: IT
 description: Senior Software Developer
 # 创建测试用户2
 dn: uid=jane.smith,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: jane.smith
 sn: Smith
 givenName: Jane
 cn: Jane Smith
 displayName: Jane Smith
 uidNumber: 1002
 gidNumber: 1002
 userPassword: password123
 gecos: Jane Smith
 loginShell: /bin/bash
 homeDirectory: /home/jane.smith
 mail: jane.smith@example.com
 telephoneNumber: +1-555-0002
 title: Project Manager
 departmentNumber: IT
 description: IT Project Manager
 # 创建测试用户3
 dn: uid=bob.wilson,ou=people,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 uid: bob.wilson
 sn: Wilson
 givenName: Bob
 cn: Bob Wilson
 displayName: Bob Wilson
 uidNumber: 1003
 gidNumber: 1003
 userPassword: password123
 gecos: Bob Wilson
 loginShell: /bin/bash
 homeDirectory: /home/bob.wilson
 mail: bob.wilson@example.com
 telephoneNumber: +1-555-0003
 title: DevOps Engineer
 departmentNumber: IT
 description: DevOps and Infrastructure Engineer