Dies ist eine alte Version des Dokuments!
# # LDAP Authentication configuration file # # This file must be readable by the user of the web server # # LDAP host # # <hostname>:<port> # # Univention UCS + Samba4: <hostname>:7389 # host = localhost # LDAP base dn # # Base dn of the ldap directory, the bind dn will be determined by a search # # request the user uid # basedn = dc=lw-systems,dc=net # User id attribute # # The attribute which holds the user id for authentication # # Windows AD: userattr = sAMAccountName #userattr = uid # user rdn # # Authentication will be performed as: $userattr=USERLOGIN,$usersuffix # # If disabled, a LDAP search operation will be performed to detect the user dn #usersuffix = # User objectclas # # Objectclass of user object # # Windows AD: objectclass = user #objectclass = posixAccount # User filter # # LDAP search filter for user object # Overwrites "userattr" and "objectclass" settings. # # The authentication module need to search in LDAP, thus "binddn" and # "password" settings could be necessary. # The "usersuffix" parameter will be disabled internally. # # %s - match login name # %u - match userpart of login name # %d - match domainpart of login name # #userfilter = (&(objectClass=posixAccount)(uid=%s)) # Encrypt LDAP connection with TLS if set to "true" #tls = false # DN to bind for search requests # # Dn of an user with permissions to search at the ldap tree. # Enable if anonymous search is not permitted! # # Windows AD: binddn = <username>@<windows-domain> #binddn = # Password of the admin user # #password = ## User is allowed to access his own email adresses and ## addtional adresses # Email address attribute # Univention UCS: mailPrimaryAddress #email = mail # Email alias attribute # Windows AD: proxyAddress | proxyAddresses # Univention UCS: mailAlternativeAddress #alias = emailAlias # Allow access to additional email addresses #addemail = info@lw-systems.net, mailing@lw-systems.net # Benno role attribute #role = bennoRole # Benno container name attribute #container = bennoContainer # Default container (if containerattr not set in LDAP) #default_container = BennoContainer # List of username who will always assigned the admin role #adminuser = bennoadmin, superadmin # List of username who will always assigned the revisor role #adminuser = revisor # remove domain from username during authentication if set to "true" #remove_domainsuffix = false # set debug level # 0: log only warnings (default) # 1: log authprotocol responses # 2: log ldap attribute data # 3: log ldap requests #loglevel = 0 ### Settings for benno_ldapgroup # Group objectclas # # Objectclass of group objects # # Windows AD: objectclass = group #groupobjectclass = posixGroup # Group user id attribute # # The attribute which holds the userids in group # #groupuserattr = memberUid # Email group address attribute # # Univention UCS: mailPrimaryAddress, univentionFreeAttributeXX #groupmailattr =