|
|
|
|
##
|
|
|
|
|
## saslauthd.conf -- SASL Authentication Daemon Configuration
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
# white space separated list of LDAP servers
|
|
|
|
|
ldap_servers: ldap://127.0.0.1
|
|
|
|
|
|
|
|
|
|
# authentication for restricted LDAP servers
|
|
|
|
|
#ldap_bind_dn: cn=operator,ou=Profile,o=foo.com
|
|
|
|
|
#ldap_bind_pw: secret
|
|
|
|
|
|
|
|
|
|
# LDAP version to use (2|3)
|
|
|
|
|
#ldap_version 3
|
|
|
|
|
|
|
|
|
|
# LDAP timeout
|
|
|
|
|
#ldap_timeout 5
|
|
|
|
|
|
|
|
|
|
# LDAP aliases (search|find|always|never)
|
|
|
|
|
ldap_deref: never
|
|
|
|
|
|
|
|
|
|
# follow LDAP referrals ?
|
|
|
|
|
ldap_referrals: no
|
|
|
|
|
|
|
|
|
|
# restart LDAP I/O operations that fail ?
|
|
|
|
|
ldap_restart: yes
|
|
|
|
|
|
|
|
|
|
# search scope (sub|one|base)
|
|
|
|
|
#ldap_scope: sub
|
|
|
|
|
|
|
|
|
|
# starting point for a search
|
|
|
|
|
ldap_search_base: MUST-SPECIFY
|
|
|
|
|
|
|
|
|
|
# authenticate against LDAP (bind|custom|fastbind)
|
|
|
|
|
ldap_auth_method: bind
|
|
|
|
|
|
|
|
|
|
# Filter LDAP records, %u = username, %r = realm
|
|
|
|
|
# if ldap_auth_method is 'bind' the filter searches for the DN
|
|
|
|
|
# otherwise the filter searches for the userPassword attribute
|
|
|
|
|
#ldap_filter: uid=%u
|
|
|
|
|
|
|
|
|
|
# debugging LDAP operation
|
|
|
|
|
#ldap_debug 0
|
|
|
|
|
|
|
|
|
|
# require and verify server certificate
|
|
|
|
|
#ldap_tls_check_peer: no
|
|
|
|
|
#ldap_tls_cacert_file:
|
|
|
|
|
#ldap_tls_cacert_dir:
|
|
|
|
|
|
|
|
|
|
# list of SSL/TLS ciphers to allow
|
|
|
|
|
#ldap_tls_ciphers: DEFAULT
|
|
|
|
|
|
|
|
|
|
# files containing client certificate and key
|
|
|
|
|
#ldap_tls_cert:
|
|
|
|
|
#ldap_tls_key:
|
|
|
|
|
|
