Mercurial > moin > 1.9
changeset 2974:bc61a0470fd9
include defaults for ldap auth in multiconfig (default values need review) (port from 1.6)
author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
---|---|
date | Sat, 05 Jan 2008 21:30:45 +0100 |
parents | d9bb94b15702 |
children | ea78a739b5ad |
files | MoinMoin/config/multiconfig.py |
diffstat | 1 files changed, 37 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/config/multiconfig.py Sat Jan 05 21:24:30 2008 +0100 +++ b/MoinMoin/config/multiconfig.py Sat Jan 05 21:30:45 2008 +0100 @@ -329,6 +329,43 @@ language_ignore_browser = False # ignore browser settings, use language_default # or user prefs + # ldap / active directory server URI: + ldap_uri = 'ldap://localhost' + + # We can either use some fixed user and password for binding to LDAP. + # Be careful if you need a % char in those strings - as they are used as + # a format string, you have to write %% to get a single % in the end. + #ldap_binddn = 'binduser@example.org' # (AD) + #ldap_binddn = 'cn=admin,dc=example,dc=org' # (OpenLDAP) + #ldap_bindpw = 'secret' + # or we can use the username and password we got from the user: + #ldap_binddn = '%(username)s@example.org' # DN we use for first bind (AD) + #ldap_bindpw = '%(password)s' # password we use for first bind + ldap_binddn = '' + ldap_bindpw = '' + + # base DN we use for searching + #ldap_base = 'ou=SOMEUNIT,dc=example,dc=org' + ldap_base = '' + + # scope of the search we do (2 == ldap.SCOPE_SUBTREE) + ldap_scope = 2 # we do not want to import ldap for everybody just for that + + # ldap filter used for searching: + #ldap_filter = '(sAMAccountName=%(username)s)' # (AD) + ldap_filter = '(uid=%(username)s)' # (OpenLDAP) + # you can also do more complex filtering like: + # "(&(cn=%(username)s)(memberOf=CN=WikiUsers,OU=Groups,DC=example,DC=org))" + + # some attribute names we use to extract information from LDAP: + ldap_givenname_attribute = 'givenName' # ldap attribute we get the first name from + ldap_surname_attribute = 'sn' # ldap attribute we get the family name from + ldap_aliasname_attribute = 'displayName' # ldap attribute we get the aliasname from + ldap_email_attribute = 'mail' # ldap attribute we get the email address from + ldap_coding = 'utf-8' # coding used for ldap queries and result values + ldap_timeout = 10 # how long we wait for the ldap server [s] + ldap_verbose = True # if True, put lots of LDAP debug info into the log + log_reverse_dns_lookups = True # if we do reverse dns lookups for logging hostnames # instead of just IPs log_timing = False # update <data_dir>/timing.log?