Mercurial > prosody-modules
comparison mod_auth_ldap/README.markdown @ 1823:50d3383a2e08
mod_auth_ldap/README: Minor tweaks
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 03 Sep 2015 03:19:30 +0200 |
| parents | ce2ca509a88c |
| children | 8435e1766054 |
comparison
equal
deleted
inserted
replaced
| 1822:ce2ca509a88c | 1823:50d3383a2e08 |
|---|---|
| 21 | 21 |
| 22 Copy the module to the prosody modules/plugins directory. | 22 Copy the module to the prosody modules/plugins directory. |
| 23 | 23 |
| 24 In Prosody's configuration file, under the desired host section, add: | 24 In Prosody's configuration file, under the desired host section, add: |
| 25 | 25 |
| 26 authentication = "ldap" | 26 ``` {.lua} |
| 27 ldap_base = "ou=people,dc=example,dc=com" | 27 authentication = "ldap" |
| 28 ldap_base = "ou=people,dc=example,dc=com" | |
| 29 ``` | |
| 28 | 30 |
| 29 LDAP options are: | 31 Further LDAP options are: |
| 30 | 32 |
| 31 Name Description Default value | 33 Name Description Default value |
| 32 ---------------- ---------------------------------------------------------------------------------------------------------------------- ------------------ | 34 ---------------- ---------------------------------------------------------------------------------------------------------------------- -------------------- |
| 33 ldap\_server Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") "localhost" | 35 ldap\_base LDAP base directory which stores user accounts **Required field** |
| 34 ldap\_rootdn The distinguished name to auth against "" (anonymous) | 36 ldap\_server Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") `"localhost"` |
| 35 ldap\_password Password for rootdn "" | 37 ldap\_rootdn The distinguished name to auth against `"" (anonymous)` |
| 36 ldap\_filter Search filter, with \$user and $host substituded for user- and hostname | "(uid=$user)" | 38 ldap\_password Password for rootdn `""` |
| 37 ldap\_scope Search scope. other values: "base" and "subtree" "onelevel" | 39 ldap\_filter Search filter, with `$user` and `$host` substituded for user- and hostname `"(uid=$user)"` |
| 38 ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. false | 40 ldap\_scope Search scope. other values: "base" and "subtree" `"onelevel"` |
| 39 ldap\_base LDAP base directory which stores user accounts This is required | 41 ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. `false` |
| 40 ldap\_mode How passwords are validated. "bind" | 42 ldap\_mode How passwords are validated. `"bind"` |
| 41 | 43 |
| 42 **Note:** lua-ldap reads from /etc/ldap/ldap.conf and other files like | 44 **Note:** lua-ldap reads from /etc/ldap/ldap.conf and other files like |
| 43 \~prosody/.ldaprc if they exist. Users wanting to use a particular TLS | 45 `~prosody/.ldaprc` if they exist. Users wanting to use a particular TLS |
| 44 root certificate can specify it in the normal way using TLS\_CACERT in | 46 root certificate can specify it in the normal way using TLS\_CACERT in |
| 45 the OpenLDAP config file. | 47 the OpenLDAP config file. |
| 46 | 48 |
| 47 Modes | 49 Modes |
| 48 ===== | 50 ===== |
| 55 passwords but limits you to the PLAIN authentication mechanism. | 57 passwords but limits you to the PLAIN authentication mechanism. |
| 56 | 58 |
| 57 Compatibility | 59 Compatibility |
| 58 ============= | 60 ============= |
| 59 | 61 |
| 60 --------------- ------------- | 62 Works with 0.8 and later. |
| 61 0.8 and above should work | |
| 62 --------------- ------------- |