From 3c9516947e07e34f589d7bfefa10ce3952bbcba4 Mon Sep 17 00:00:00 2001
From: ferfissimo
Date: Thu, 29 Jul 2021 12:12:12 +0000
Subject: [PATCH] =?UTF-8?q?=E2=80=9Eplugins=5Fauth=5Fldap=E2=80=9C=20?= =?UTF-8?q?=C3=A4ndern?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 plugins_auth_ldap.md | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/plugins_auth_ldap.md b/plugins_auth_ldap.md
index ee5dcb9..0fb589a 100644
--- a/plugins_auth_ldap.md
+++ b/plugins_auth_ldap.md
@@ -4,6 +4,9 @@ This plugin provides authentification over LDAP.
 * [Configuration](#configuration)
 * [Set up password hash](#set-up-password-hash)
 * [Set up SSL (LDAPS)](#set-up-ssl-ldap-over-ssl)
+ * [Set object classes for new entries](#set-object-classes-for-new-entries)
+ * [Set attributes for new entries](#set-attributes-for-new-entries)
+ * [Set DN for new entries](#set-dn-for-new-entries)
 ## Configuration
@@ -62,7 +65,7 @@ ca_cert = "/etc/ssl/my-ca.crt"
 ```
 ### Set object classes for new entries
-The default object class set is `inetOrgPerson`, but you can override it using
+The default object class is `inetOrgPerson`, but you can override it using
 ```toml
 [auth_ldap]
 # ...
@@ -91,9 +94,9 @@ To specify other attributes add this to you configuration:
 gidNumber = 1001
 homeDirectory = "/home/{userid}"
 loginShell = "/bin/bash"
- uidNumber = "1000+"
+ uidNumber = 1000
 ```
-A special attribute is `uidNumber`, specifying a "X+" does mean to use an incrementing generator starting at 1000 (or highest uidNumber in active directory).
+A special attribute is `uidNumber`, specifying a number x does mean to use an incrementing generator starting at x (or highest uidNumber in active directory).
 And as you can see you can use placeholders, valid ones:
 * `userid`
@@ -101,7 +104,6 @@ And as you can see you can use placeholders, valid ones:
 * `firstname`
 * `lastname`
 * `mail`
-* `birthday`
 ### Set DN for new entries
 You can specify a DN template if your user schema requires it, the default one is:
@@ -112,3 +114,7 @@ To specify a different template use:
 ```toml
 dn_template = "cn={user.firstname} {user.lastname},ou=user,{base_dn}"
 ```
+
+### Other various configuration options
+Other optional configuration values include:
+* `search_dn`, where to search for users, default `ou=people,{base_dn}`