Mercurial > prosody-modules
annotate mod_lib_ldap/dev/prosody-posix-ldap.cfg.lua @ 5465:66e13e79928b
mod_http_oauth2: Note about partial OpenID Discovery implementation
Notably we don't have an JSON Web Key Set, since we use the client
secret in the HS256 algorithm.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 17 May 2023 17:56:56 +0200 |
parents | d47972f783fb |
children |
rev | line source |
---|---|
809 | 1 -- Use Include 'prosody-posix-ldap.cfg.lua' from prosody.cfg.lua to include this file |
862
675945ea2ed6
Change hoelzro's mod_auth_ldap to mod_auth_ldap2
Rob Hoelz <rob@hoelz.ro>
parents:
826
diff
changeset
|
2 authentication = 'ldap2' -- Indicate that we want to use LDAP for authentication |
675945ea2ed6
Change hoelzro's mod_auth_ldap to mod_auth_ldap2
Rob Hoelz <rob@hoelz.ro>
parents:
826
diff
changeset
|
3 storage = 'ldap' -- Indicate that we want to use LDAP for roster/vcard storage |
809 | 4 |
5 ldap = { | |
6 hostname = 'localhost', -- LDAP server location | |
7 bind_dn = 'cn=Manager,dc=example,dc=com', -- Bind DN for LDAP authentication (optional if anonymous bind is supported) | |
8 bind_password = 'prosody', -- Bind password (optional if anonymous bind is supported) | |
9 | |
10 user = { | |
873 | 11 basedn = 'ou=Users,dc=example,dc=com', -- The base DN where user records can be found |
12 filter = '(&(objectClass=posixAccount)(!(uid=seven)))', -- Filter expression to find user records under basedn | |
13 usernamefield = 'uid', -- The field that contains the user's ID (this will be the username portion of the JID) | |
14 namefield = 'cn', -- The field that contains the user's full name (this will be the alias found in the roster) | |
809 | 15 }, |
16 | |
17 groups = { | |
18 basedn = 'ou=Groups,dc=example,dc=com', -- The base DN where group records can be found | |
19 memberfield = 'memberUid', -- The field that contains user ID records for this group (each member must have a corresponding entry under the user basedn with the same value in usernamefield) | |
20 namefield = 'cn', -- The field that contains the group's name (used for matching groups in LDAP to group definitions below) | |
21 | |
22 { | |
23 name = 'everyone', -- The group name that will be seen in users' rosters | |
24 cn = 'Everyone', -- This field's key *must* match ldap.groups.namefield! It's the name of the LDAP group this definition represents | |
25 admin = false, -- (Optional) A boolean flag that indicates whether members of this group should be considered administrators. | |
26 }, | |
27 { | |
28 name = 'admin', | |
29 cn = 'Admin', | |
30 admin = true, | |
31 }, | |
32 }, | |
33 | |
34 vcard_format = { | |
35 displayname = 'cn', -- Consult the vCard configuration section in the README | |
36 nickname = 'uid', | |
824 | 37 photo = { |
826
9dc7d92f44e8
Fix prosody config (type is MIME type)
Rob Hoelz <rob@hoelz.ro>
parents:
824
diff
changeset
|
38 type = 'image/jpeg', |
824 | 39 binval = 'jpegPhoto', |
1463
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
40 }, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
41 telephone = { |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
42 work = { |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
43 voice = true, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
44 number = 'telephoneNumber', |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
45 }, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
46 }, |
809 | 47 }, |
48 } |