-
Notifications
You must be signed in to change notification settings - Fork 0
/
DIRECTIVES
80 lines (52 loc) · 2.52 KB
/
DIRECTIVES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
* LDAPUserDir
The public subdirectory in users' home directories.
Example: LDAPUserDir public_html
* LDAPUserDirServer
The LDAP directory server to connect to.
Example: LDAPUserDirServer server.example.com
For failover, multiple servers can be specified.
Example: LDAPUserDirServer server1.example.com server2.example.com
* LDAPUserDirServerURL
The LDAP URL to use. The attributes and extensions fields of the URL are
ignored. The attributes portion of the URL is ignored; use
LDAPAttributeName to change the expected attribute names. Base DNs and
escapes (%u/%v) used in the URL must be URL encoded (e.g., replace '='
with '%3D', ',' with '%2C', '%' with '%25', etc).
Example: LDAPUserDirServerURL ldap://server.example.com/dc%3Dexample%2Cdc%3Dcom??sub?(uid=%25v)
For failover, multiple URLs can be specified.
Example: LDAPUserDirServerURL ldap://server.example.com/dc%3Dexample%2Cdc%3Dcom??sub?(uid=%25v) ldap://server2.example.com/dc%3Dexample%2Cdc%3Dcom??sub?(uid=%25v)
* LDAPUserDirDNInfo
The DN and password to use when binding to the LDAP server. If this
directive is omitted, anonymous binds are used.
Example: LDAPUserDirDNInfo cn=root,dc=example,dc=com dnpass
* LDAPUserDirBaseDN
The base DN to search on.
Example: LDAPUserDirBaseDN dc=example,dc=com
* LDAPUserDirFilter
The LDAP filter template to use for searches. Both %u and %v are replaced
with the username being resolved, but %v is deprecated and may be removed
in a future release.
Example: LDAPUserDirFilter "(&(uid=%u)(objectClass=posixAccount))"
* LDAPAttributeName
Change the LDAP attribute names used in order to reflect your local schema.
Currently, the "uid", "homeDirectory", "uidNumber", and "gidNumber"
attributes are used.
For example, if your LDAP schema uses the "homeLocation" attribute instead
of "homeDirectory":
Example: LDAPAttributeName homeDirectory homeLocation
Or if it uses "ispUsername" to store the account's username instead of
"uid":
Example: LDAPAttributeName uid ispUsername
* LDAPUserDirSearchScope
The LDAP search scope ("onelevel" or "subtree").
Example: LDAPUserDirSearchScope subtree
* LDAPProtocolVersion
The LDAP protocol version to use (2 or 3).
Example: LDAPProtocolVersion 3
* LDAPUserDirUseTLS
Whether to use an encrypted (TLS) connection to the LDAP server.
Example: LDAPUserDirUseTLS off
* LDAPUserDirCacheTimeout
How long, in seconds, to store cached LDAP entries. Caching is only
supported with Apache 2.0 and later.
Example: LDAPUserDirCacheTimeout 300