update openldap documentations

This commit is contained in:
egarette@silique.fr 2023-08-10 10:15:12 +02:00
parent e8e9e8719e
commit f2d4c644e6
3 changed files with 48 additions and 48 deletions

View file

@ -9,7 +9,7 @@ include_toc: true
OpenLDAP, the LDAP server. OpenLDAP, the LDAP server.
[More informations about this software.](https://www.openldap.org/) [Software's website.](https://www.openldap.org/)
This service provides a LDAP server. This service provides a LDAP server.
@ -27,53 +27,53 @@ Other services may also require automatic user creation.
### Accounts ### Accounts
#### Gestion des utilisateurs #### Users management
This a family is a leadership. Management of manually created local users. Those users are not classified. This family is a leadership.
| Parameter | Comments | | Parameter | Comments |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------| |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------|
| **[accounts.users.ldap_user_mail](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel du compte.<br/>**Example:** johndoe@example.net | | **[accounts.users.ldap_user_mail](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Email address.<br/>An user is identify by his email address.<br/>**Example:** johndoe@example.net |
| **[accounts.users.ldap_user_aliases](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Aliases du mail. | | **[accounts.users.ldap_user_aliases](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Emails aliases.<br/>**Example:** jdoe@example.net |
| **[accounts.users.ldap_user_uid](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de compte.<br/>**Example:** jdoe | | **[accounts.users.ldap_user_uid](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Account name.<br/>**Example:** jdoe |
| **[accounts.users.ldap_user_sn](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Prénom.<br/>**Example:** John | | **[accounts.users.ldap_user_gn](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Given name.<br/>**Example:** John |
| **[accounts.users.ldap_user_gn](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de famille.<br/>**Example:** Doe | | **[accounts.users.ldap_user_sn](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Surname.<br/>**Example:** Doe |
| Parameter | Comments | | Parameter | Comments |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------| |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------|
| **[accounts.families](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Familles. | | **[accounts.families](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Families to create.<br/>Users can be classified into families. This variable contains all the names of the families to be created. |
#### Gestion de la famille #### Management of family *suffix value*
This a dynamic family generated from the variable "accounts.families". This a dynamic family generated from the variable "accounts.families".
##### Gestion des utilisateurs de la famille ##### Users management for the family *suffix value*
This a family is a leadership. Management of manually created users. Those users are classified in a family. This family is a leadership.
| Parameter | Comments | | Parameter | Comments |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------| |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|
| **[accounts.family_.users_.ldap_user_mail_](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel du compte de la famille . | | **[accounts.family_*suffix value*.users_*suffix value*.ldap_user_mail_*suffix value*](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Email address for the family .<br/>An user is identify by his email address.<br/>**Example:** johndoe@family.net |
| **[accounts.family_.users_.ldap_user_aliases_](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Aliases du mail de la famille . | | **[accounts.family_*suffix value*.users_*suffix value*.ldap_user_aliases_*suffix value*](extras/accounts/00_account.xml)**<br/>multiple<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Emails aliases for the family .<br/>**Example:** jdoe@family.net |
| **[accounts.family_.users_.ldap_user_uid_](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de compte de la famille . | | **[accounts.family_*suffix value*.users_*suffix value*.ldap_user_uid_*suffix value*](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Account name for the family .<br/>**Example:** jdoe |
| **[accounts.family_.users_.ldap_user_sn_](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Prénom de la famille . | | **[accounts.family_*suffix value*.users_*suffix value*.ldap_user_gn_*suffix value*](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Given name for the family .<br/>**Example:** John |
| **[accounts.family_.users_.ldap_user_gn_](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de famille de la famille . | | **[accounts.family_*suffix value*.users_*suffix value*.ldap_user_sn_*suffix value*](extras/accounts/00_account.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Surname for the family .<br/>**Example:** Doe |
## Variables for expert ## Variables for expert
### Général ### Général
#### ldap #### LDAP
| Parameter | Comments | | Parameter | Comments |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **[general.ldap.ldap_schemas](dictionaries/21_openldap-server.xml)**<br/>mandatory, multiple<br/>**Type:** [`filename`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Schémas LDAP additionnel.<br/>**Default:** <ul><li>/etc/openldap/schema/cosine.ldif</li><li>/etc/openldap/schema/inetorgperson.ldif</li><li>/etc/openldap/schema/nis.ldif</li><li>/etc/openldap/schema/misc.ldif</li></ul> | | **[general.ldap.ldap_schemas](dictionaries/21_openldap-server.xml)**<br/>mandatory, multiple<br/>**Type:** [`filename`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Additional LDAP schemas.<br/>**Default:** <ul><li>/etc/openldap/schema/cosine.ldif</li><li>/etc/openldap/schema/inetorgperson.ldif</li><li>/etc/openldap/schema/nis.ldif</li><li>/etc/openldap/schema/misc.ldif</li></ul> |
##### Limites ##### Limits
| Parameter | Comments | | Parameter | Comments |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------| |------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------|
| **[general.ldap.limits.ldap_loglevel](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Niveau de log.<br/>**Default:** 0 | | **[general.ldap.limits.ldap_loglevel](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Log level.<br/>**Default:** 0 |
| **[general.ldap.limits.ldap_sizelimit](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nombre maximum d'entrées à retourner lors d'une requête.<br/>**Default:** 5000 | | **[general.ldap.limits.ldap_sizelimit](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nombre maximum d'entrées à retourner lors d'une requête.<br/>**Default:** 5000 |
| **[general.ldap.limits.ldap_timelimit](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Temps de réponse maximum à une requête (en secondes).<br/>**Default:** 3600 | | **[general.ldap.limits.ldap_timelimit](dictionaries/21_openldap-server.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Temps de réponse maximum à une requête (en secondes).<br/>**Default:** 3600 |

View file

@ -18,17 +18,17 @@
</services> </services>
<variables> <variables>
<family name="ldap"> <family name="ldap" description="LDAP">
<!--variable name='ldap_server_address' redefine="True" hidden="True"/--> <!--variable name='ldap_server_address' redefine="True" hidden="True"/-->
<variable name='prefix_domain_name' hidden="True" mandatory="True" provider="global:prefix_domain_name"/> <variable name='prefix_domain_name' hidden="True" mandatory="True" provider="global:prefix_domain_name"/>
<variable name='ldap_schemas' type='filename' description='Schémas LDAP additionnel' multi='True' mode="expert"> <variable name='ldap_schemas' type='filename' description='Additional LDAP schemas' multi='True' mode="expert">
<value>/etc/openldap/schema/cosine.ldif</value> <value>/etc/openldap/schema/cosine.ldif</value>
<value>/etc/openldap/schema/inetorgperson.ldif</value> <value>/etc/openldap/schema/inetorgperson.ldif</value>
<value>/etc/openldap/schema/nis.ldif</value> <value>/etc/openldap/schema/nis.ldif</value>
<value>/etc/openldap/schema/misc.ldif</value> <value>/etc/openldap/schema/misc.ldif</value>
</variable> </variable>
<family name='limits' description='Limites' mode='expert'> <family name='limits' description='Limits' mode='expert'>
<variable name='ldap_loglevel' type='number' description='Niveau de log' mode="expert"> <variable name='ldap_loglevel' type='number' description='Log level' mode="expert">
<value>0</value> <value>0</value>
</variable> </variable>
<variable name='ldap_sizelimit' type='number' description="Nombre maximum d'entrées à retourner lors d'une requête" mode="expert"> <variable name='ldap_sizelimit' type='number' description="Nombre maximum d'entrées à retourner lors d'une requête" mode="expert">

View file

@ -1,23 +1,23 @@
<?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10"> <rougail version="0.10">
<variables> <variables>
<variable name="remotes" description="Serveurs distant ayant un compte" type="domainname" multi="True" provider="LDAP"/> <variable name="remotes" description="Remote services with an account" type="domainname" multi="True" provider="LDAP"/>
<family name="remote_" description="Compte LDAP pour " dynamic="accounts.remotes"> <family name="remote_" dynamic="accounts.remotes" hidden="True">
<variable name="family_" description="Nom de la familly de " hidden="True" provider="LDAP:family"/> <variable name="family_" provider="LDAP:family"/>
<variable name="dn_" description="LDAP DN de " hidden="True" provider="LDAP:dn"/> <variable name="dn_" provider="LDAP:dn"/>
<variable name="password_" type ="password" description="Mot de passe de " hidden="True" provider="LDAP:password"/> <variable name="password_" type="password" provider="LDAP:password"/>
<variable name="base_dn_" description="LDAP base DN de " hidden="True" provider="LDAP:base_dn"/> <variable name="base_dn_" provider="LDAP:base_dn"/>
</family> </family>
<family name="users" description="Gestion des utilisateurs" leadership="True"> <family name="users" description="Users management" leadership="True" help="Management of manually created local users. Those users are not classified.">
<variable name='ldap_user_mail' type="mail" description="Adresse courriel du compte" multi="True" test="johndoe@example.net"/> <variable name='ldap_user_mail' type="mail" description="Email address" multi="True" test="johndoe@example.net" help="An user is identify by his email address."/>
<variable name='ldap_user_aliases' type="mail" description="Aliases du mail" multi="True"/> <variable name='ldap_user_aliases' type="mail" description="Emails aliases" multi="True" test="jdoe@example.net"/>
<variable name='ldap_user_uid' type="unix_user" description="Nom de compte" mandatory="True" test="jdoe"/> <variable name='ldap_user_uid' type="unix_user" description="Account name" mandatory="True" test="jdoe"/>
<variable name='ldap_user_sn' type="string" description="Prénom" mandatory="True" test="John"/> <variable name='ldap_user_gn' type="string" description="Given Name" mandatory="True" test="John"/>
<variable name='ldap_user_gn' type="string" description="Nom de famille" mandatory="True" test="Doe"/> <variable name='ldap_user_sn' type="string" description="Surname" mandatory="True" test="Doe"/>
<variable name='ldap_user_password' type="password" description="Mot de passe" mandatory="True" hidden="True"/> <variable name='ldap_user_password' type="password" mandatory="True" hidden="True"/>
</family> </family>
<variable name="families" description="Familles" type="unix_user" multi="True"/> <variable name="families" description="Families to create" type="unix_user" multi="True" help="Users can be classified into families. This variable contains all the names of the families to be created."/>
<family name="family_" description="Gestion de la famille " dynamic="accounts.families"> <family name="family_" description="Management of family " dynamic="accounts.families" help="Management of manually created users. Those users an classified in a family.">
<family name="users_" description="Gestion des utilisateurs de la famille " leadership="True"> <family name="users_" description="Gestion des utilisateurs de la famille " leadership="True">
<variable name='ldap_user_mail_' type="mail" description="Adresse courriel du compte de la famille " multi="True"/> <variable name='ldap_user_mail_' type="mail" description="Adresse courriel du compte de la famille " multi="True"/>
<variable name='ldap_user_aliases_' type="mail" description="Aliases du mail de la famille " multi="True"/> <variable name='ldap_user_aliases_' type="mail" description="Aliases du mail de la famille " multi="True"/>