Rev 2490 | Blame | Compare with Previous | Last modification | View Log
# -*- text -*-
# Lightweight Directory Access Protocol (LDAP) module for ALCASAR
ldap {
server = "localhost"
port = 389
identity = "cn=alcasaradmin;cn=Users;dc=serverad;dc=com"
password = "mypass"
base_dn = "cn=Users;dc=serverad;dc=com"
user {
base_dn = "${..base_dn}"
# "samaccountname=" for AD; "uid=" for LDAP
filter = (samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})
}
options {
chase_referrals = yes
rebind = yes
res_timeout = 10
srv_timelimit = 3
net_timeout = 1
idle = 60
probes = 3
interval = 3
# ldap_debug = 0x0129
}
tls {
# start_tls = yes
# ca_file = /etc/raddb/certs/alcasar-ldaps.crt
# ca_path = ${certdir}
# certificate_file = /path/to/radius.crt
# private_key_file = /path/to/radius.key
# random_file = /dev/urandom
# require_cert = 'demand'
}
pool {
start = 5
min = 3
max = 10
uses = 0
retry_delay = 30
lifetime = 0
idle_timeout = 60
}
}