Created
August 30, 2016 18:31
-
-
Save cyrus-mc/04eb8c3d98f25bd1ecbe71739a50253a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# server to auth against | |
auth.ldap.server: xxxxx.com | |
# port to connect via | |
auth.ldap.port: 389 | |
# use TLS when connecting | |
auth.ldap.tls: False | |
# LDAP scope level, almost always 2 | |
auth.ldap.scope: 2 | |
# server specified in URI format | |
#auth.ldap.uri: '' | |
# Verify server's TLS certificate | |
auth.ldap.no_verify: False | |
# FOR Testing Only, this is a VERY insecure setting. | |
# If this is True, the LDAP bind password will be ignored and | |
# access will be determined by group membership alone with | |
# the group memberships being retrieved via anonymous bind | |
auth.ldap.auth_by_group_memberyship_only: False | |
# Require authenticating user to be part of this Organizational Unit | |
# This can be blank if your LDAP schema does not use this kind of OU | |
auth.ldap.groupou: '' | |
# Object class for groups. An LDAP search will be done to find all groups of this | |
# class to which the authenticating user belongs. | |
auth.ldap.groupclass: 'group' | |
# Unique ID attribute for the user | |
auth.ldap.accountattributename: 'sAMAccountName' | |
# These are only for Active Directory | |
auth.ldap.activedirectory: True | |
auth.ldap.filter: 'sAMAccountName={{ username }}' | |
auth.ldap.persontype: 'person' | |
auth.ldap.minion_stripdomains: [] | |
auth.ldap.basedn: 'dc=smarshdev,dc=com' | |
auth.ldap.binddn: 'CN=LDAP Lookup,OU=Service Accounts,DC=sxxxx,DC=com' | |
auth.ldap.bindpw: 'xxxxx' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment