


Dies ist eine alte Version des Dokuments!


# LDAP Authentication configuration file
# This file must be readable by the user of the web server

# LDAP host
# <hostname>:<port>
# Univention UCS + Samba4: <hostname>:7389
host = localhost

# LDAP base dn
# Base dn of the ldap directory, the bind dn will be determined by a search
# request the user uid
basedn = dc=lw-systems,dc=net

# User id attribute
# The attribute which holds the user id for authentication
# Windows AD: userattr = sAMAccountName
#userattr = uid

# user rdn
# Authentication will be performed as: $userattr=USERLOGIN,$usersuffix
# If disabled, a LDAP search operation will be performed to detect the user dn
#usersuffix = 

# User objectclas
# Objectclass of user object
# Windows AD: objectclass = user
#objectclass = posixAccount

# User filter
# LDAP search filter for user object
# Overwrites "userattr" and "objectclass" settings.
# The authentication module need to search in LDAP, thus "binddn" and
# "password" settings could be necessary.
# The "usersuffix" parameter will be disabled internally.
# %s - match login name
# %u - match userpart of login name
# %d - match domainpart of login name
#userfilter = (&(objectClass=posixAccount)(uid=%s))

# Encrypt LDAP connection with TLS if set to "true"
#tls = false

# DN to bind for search requests
# Dn of an user with permissions to search at the ldap tree.
# Enable if anonymous search is not permitted!
# Windows AD: binddn = <username>@<windows-domain>
#binddn =

# Password of the admin user
#password = 

## User is allowed to access his own email adresses and
## addtional adresses

# Email address attribute
# Univention UCS: mailPrimaryAddress
#email = mail

# Email alias attribute
# Windows AD: proxyAddress | proxyAddresses
# Univention UCS: mailAlternativeAddress
#alias = emailAlias

# Allow access to additional email addresses
#addemail =,

# Benno role attribute
#role = bennoRole

# Benno container name attribute
#container = bennoContainer

# Default container (if containerattr not set in LDAP)
#default_container = BennoContainer

# List of username who will always assigned the admin role
#adminuser = bennoadmin, superadmin

# List of username who will always assigned the revisor role
#revisoruser = revisor

# remove domain from username during authentication if set to "true"
#remove_domainsuffix = false

# set debug level
# 0: log only warnings (default)
# 1: log authprotocol responses
# 2: log ldap attribute data
# 3: log ldap requests
#loglevel = 0

### Settings for benno_ldapgroup

# Group objectclas
# Objectclass of group objects
# Windows AD: objectclass = group
#groupobjectclass = posixGroup

# Group user id attribute
# The attribute which holds the userids in group
#groupuserattr = memberUid

# Email group address attribute
# Univention UCS: mailPrimaryAddress, univentionFreeAttributeXX
#groupmailattr = 
konfigurationsbeispiele/ldapauth.conf.1510739791.txt.gz · Zuletzt geändert: 2017/11/15 09:56 von lwsystems