ldap.yml

gistfile1.txt

## Authorizations
# Uncomment out the merging for each enviornment that you'd like to include.
# You can also just copy and paste the tree (do not include the "authorizations") to each
# enviornment if you need something different per enviornment.
authorizations: &AUTHORIZATIONS
  group_base: dc=corp, dc=xyz, dc=net
  ## Requires config.ldap_check_group_membership in devise.rb be true
  # Can have multiple values, must match all to be authorized
  required_groups:
    
    # If only a group name is given, membership will be checked against "uniqueMember"
   # - cn=admins,ou=groups,dc=test,dc=com
   # - cn=users,ou=groups,dc=test,dc=com
    - cn=RoR,ou=user,ou=abc,dc=corp,dc=xyz,dc=net
   # If an array is given, the first element will be the attribute to check against, the second the group name
   - ["member", "CN=RoR,OU=user,OU=abc,DC=corp,DC=xyz,DC=net"]
   ## Requires config.ldap_check_attributes in devise.rb to be true
  ## Can have multiple attributes and values, must match all to be authorized
  require_attribute:
    objectClass: inetOrgPerson
    authorizationRole: postsAdmin

## Enviornments

development:
  host: 192.168.3.254
  port: 389
  attribute: sAMAccountName
  base: dc=corp, dc=xyz, dc=net
  admin_user: cn=readme, cn=Users, dc=corp, dc=xyz, dc=net
  
  admin_password: password
  ssl: false
  # <<: *AUTHORIZATIONS

test:
  host: localhost
  port: 3389
  attribute: cn
  base: ou=people,dc=test,dc=com
  admin_user: cn=admin,dc=test,dc=com
  admin_password: admin_password
  ssl: simple_tls
  # <<: *AUTHORIZATIONS

production:
  host: localhost
  port: 636
  attribute: cn
  base: ou=people,dc=test,dc=com
  admin_user: cn=admin,dc=test,dc=com
  admin_password: admin_password
  ssl: start_tls
  # <<: *AUTHORIZATIONS