Subversion Repositories ALCASAR

Rev

Rev 2490 | Blame | Compare with Previous | Last modification | View Log

# -*- text -*-
#  Lightweight Directory Access Protocol (LDAP) module for ALCASAR

ldap {
        server = "localhost"
        port = 389
        identity = "cn=alcasaradmin;cn=Users;dc=serverad;dc=com"
        password = "mypass"
        base_dn = "cn=Users;dc=serverad;dc=com"
        user {
                base_dn = "${..base_dn}"
                # "samaccountname=" for AD; "uid=" for LDAP
                filter = (samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})
        }
        options {
                chase_referrals = yes
                rebind = yes
                res_timeout = 10
                srv_timelimit = 3
                net_timeout = 1
                idle = 60
                probes = 3
                interval = 3
#               ldap_debug = 0x0129
        }
        tls {
#               start_tls = yes
#               ca_file = /etc/raddb/certs/alcasar-ldaps.crt
#               ca_path = ${certdir}
#               certificate_file = /path/to/radius.crt
#               private_key_file = /path/to/radius.key
#               random_file = /dev/urandom
#               require_cert = 'demand'
        }
        pool {
                start = 5
                min = 3
                max = 10
                uses = 0
                retry_delay = 30
                lifetime = 0
                idle_timeout = 60
        }
}