multi family support
This commit is contained in:
parent
9ab458e858
commit
43208f0968
3 changed files with 7 additions and 8 deletions
|
@ -81,6 +81,9 @@ tls_require_cert = hard
|
|||
# is still used, only the password field is ignored in it. Before doing any
|
||||
# search, the binding is switched back to the default DN.
|
||||
#auth_bind = no
|
||||
#>GNUNUX
|
||||
auth_bind = yes
|
||||
#<GNUNUX
|
||||
|
||||
# If authentication binding is used, you can save one LDAP request per login
|
||||
# if users' DN can be specified with a common template. The template can use
|
||||
|
@ -97,10 +100,6 @@ tls_require_cert = hard
|
|||
# auth_bind_userdn = cn=%u,ou=people,o=org
|
||||
#
|
||||
#auth_bind_userdn =
|
||||
#>GNUNUX
|
||||
auth_bind = yes
|
||||
auth_bind_userdn = cn=%u,%%ldapclient_base_dn
|
||||
#<GNUNUX
|
||||
|
||||
# LDAP protocol version to use. Likely 2 or 3.
|
||||
#ldap_version = 3
|
||||
|
@ -108,7 +107,7 @@ auth_bind_userdn = cn=%u,%%ldapclient_base_dn
|
|||
# LDAP base. %variables can be used here.
|
||||
# For example: dc=mail, dc=example, dc=org
|
||||
# GNUNUX base =
|
||||
base = %%ldapclient_base_dn
|
||||
base = %%calc_ldapclient_base_dn(%%ldap_base_dn, None, accounts=True)
|
||||
|
||||
# Dereference: never, searching, finding, always
|
||||
#deref = never
|
||||
|
@ -137,7 +136,7 @@ user_attrs = homeDirectory=home
|
|||
# %d - domain part in user@domain, empty if user there's no domain
|
||||
#user_filter = (&(objectClass=posixAccount)(uid=%u))
|
||||
#>GNUNUX
|
||||
user_filter = (&(objectClass=inetOrgPerson)(cn=%u))
|
||||
user_filter = (&(objectClass=inetOrgPerson)(mail=%u))
|
||||
#<GNUNUX
|
||||
|
||||
# Password checking attributes:
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
<variables>
|
||||
<family name="annuaire">
|
||||
<variable name='ldap_server_address' type='domainname' description="Nom DNS du serveur LDAP" mandatory='True'/>
|
||||
<variable name='ldapclient_family' type='unix_user' description="L'arbre LDAP est de type famille"/>
|
||||
<variable name='ldapclient_family' type='unix_user' description="Nom de la famille LDAP"/>
|
||||
<variable name='ldapclient_remote_user' type='string' description="DN de l'tilisateur distant" mandatory='True' hidden="True"/>
|
||||
<variable name='ldapclient_remote_user_password' type='password' description="Mot de passe de l'utilisateur distant" mandatory='True' hidden="True"/>
|
||||
<variable name='ldap_base_dn' type='string' description="Base DN de l'annuaire" mandatory="True" test="dc=test,o=fr"/>
|
||||
|
|
|
@ -13,7 +13,7 @@ commentStartToken = §
|
|||
"ldapPpolicyControl" : 1,
|
||||
"ldapAllowResetExpiredPassword" : 1,
|
||||
"ldapChangePasswordAsUser" : 1,
|
||||
"ldapBase" : "%%ldapclient_base_dn",
|
||||
"ldapBase" : "%%calc_ldapclient_base_dn(%%ldap_base_dn, None, accounts=True)",
|
||||
"ldapExportedVars" : {
|
||||
"uid" : "uid",
|
||||
"cn" : "cn",
|
||||
|
|
Loading…
Reference in a new issue