389 Directory Server - Self Service Portal

This is a small, self contained web portal to allow users to perform some limited self service steps such as changing their name, password or other details.

It is not inteded to replace the cockpit administration console or lib389 cli tools. It is only for limited self-service actions.


This project is NOT COMPLETE and NOT PRODUCTION READY yet. Please contact the 389 team if you are interested in this and testing it. Be ware that there are current possible security issues in the code base that make it not-feasible for production deployment.

More information and Code of Conduct

Please see our contributing guide online:


We believe that all people should be respected and welcome in our communities. As such we follow the Fedora Code of Conduct:



The 389 Directory Server Self Service Portal is subject to the terms detailed in the license agreement file called LICENSE.

Late-breaking news and information on the 389 Directory Server and related projects are available on our wiki page:



You will need a working 389 instance. For the moment this must expose ldapi at:


The easiest way to setup a 389 server to test with this is in a docker container:

docker run --name=389-ds -v 389data:/data -i -t 389ds/dirsrv:latest

You can then run this project in a container such as:

docker run --name=389-ds-portal -v 389data:/data -p 8080 -i -t opensuse/tumbleweed:latest /bin/sh

To run this you will require python3, python3-Flask and temporarily python3-cryptography.

Once installed, in the 389-ds-portal directory run:


For Fedora/RHEL testing (not in a container) you need to create virtual environment to ensure python3 is used:

$ python3 -m venv venv
$ source venv/bin/activate
(venv) pip install -r requirements.txt
(venv) ./devel.sh

Obviously there is some work to be done around configuring this project!!!


py.test ./test.py


To build the image run:

docker build -t 389-ds-portal:devel .

Then to run it with an instance:

docker run --name=389-ds -v 389data:/data -i -t 389ds/dirsrv:latest
docker run --name=389-ds-portal -v 389data:/data -p 8080:8080 -i -t 389-ds-portal:devel

You may need to add some users to the container such as:

docker exec -i -t 389-ds /usr/sbin/dsconf localhost backend create --be-name userRoot --suffix dc=example,dc=com
docker exec -i -t 389-ds /usr/sbin/dsidm -b dc=example,dc=com localhost initialise
docker exec -i -t 389-ds /usr/sbin/dsidm -b dc=example,dc=com localhost user create --uid william --cn william --displayName william --uidNumber 1000 --gidNumber 1000 --homeDirectory /home/william
docker exec -i -t 389-ds /usr/sbin/dsidm -b dc=example,dc=com localhost account reset_password uid=william,ou=People,dc=example,dc=com

Now you should be able to use the portal as a test.