Changes between Version 1 and Version 2 of campuswifiandeduroam2023Agenda/pwdca

Timestamp:

Jul 23, 2024, 12:03:34 PM (2 months ago)

Author:

tuwan

Comment:

--

campuswifiandeduroam2023Agenda/pwdca

@@ -188 +188 @@
 }}}
 
-
+'''LDAP Parameters'''
+
+Use an LDAP URI to configure the location of your LDAP server in $ldap_url:
+
+{{{
+$ldap_url = "ldap://localhost:389";
+}}}
+
+You can set several URI, so that next server will be tried if the previous is down:
+
+{{{
+$ldap_url = "ldap://server1 ldap://server2";
+}}}
+
+To use SSL, set ldaps in the URI:
+
+{{{
+$ldap_url = "ldaps://localhost";
+}}}
+
+To use StartTLS, set true in $ldap_starttls:
+
+{{{
+$ldap_starttls = true;
+}}}
+
+'''Credentials'''
+
+Configure DN and password in $ldap_bindn and $ldap_bindpw:
+
+{{{
+$ldap_binddn = "cn=manager,dc=example,dc=com";
+$ldap_bindpw = "secret";
+}}}
+
+'''LDAP Base'''
+
+You can set global base in $ldap_base:
+
+{{{
+$ldap_base = "dc=example,dc=com";
+}}}
+
+'''User search parameters'''
+
+You can set base of the search in $ldap_user_base:
+
+{{{
+$ldap_user_base = "ou=users,".$ldap_base;
+}}}
+
+The filter can be set in $ldap_user_filter:
+{{{
+$ldap_user_filter = "(objectClass=inetOrgPerson)";
+}}}
+
+'''Size limit'''
+
+It is advised to set a search limit on client side if no limit is set by the server:
+
+{{{
+$ldap_size_limit = 100;
+}}}
+
+'''Default password policy'''
+
+Set $ldap_default_ppolicy value if a default policy is configured in your LDAP directory.
+
+{{{
+$ldap_default_ppolicy = "cn=default,ou=ppolicy,dc=example,dc=com";
+}}}
+