| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- # white space separated list of LDAP servers
- ldap_servers: ldap://127.0.0.1
- # authentication for restricted LDAP servers
- #ldap_bind_dn: cn=operator,ou=Profile,o=foo.com
- #ldap_bind_pw: secret
- # LDAP version to use (2|3)
- #ldap_version 3
- # LDAP timeout
- #ldap_timeout 5
- # LDAP aliases (search|find|always|never)
- ldap_deref: never
- # follow LDAP referrals ?
- ldap_referrals: no
- # restart LDAP I/O operations that fail ?
- ldap_restart: yes
- ## deprecated client side caching, ignored
- ##ldap_cache_ttl
- ##ldap_cache_mem
- # search scope (sub|one|base)
- #ldap_scope: sub
- # starting point for a search
- #ldap_search_base:
- # authenticate against LDAP (bind|custom|fastbind)
- ldap_auth_method: bind
- # Filter LDAP records, %u = username, %r = realm
- # if ldap_auth_method is 'bind' the filter searches for the DN
- # otherwise the filter searches for the userPassword attribute
- #ldap_filter: uid=%u
- # debugging LDAP operation
- #ldap_debug 0
- # require and verify server certificate
- #ldap_tls_check_peer: no
- #ldap_tls_cacert_file:
- #ldap_tls_cacert_dir:
- # list of SSL/TLS ciphers to allow
- #ldap_tls_ciphers: DEFAULT
- # files containing client certificate and key
- #ldap_tls_cert:
- #ldap_tls_key:
|
