Mercurial > prosody-modules

view mod_lib_ldap/dev/prosody-posix-ldap.cfg.lua @ 4651:8231774f5bfd

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8 The `body:sub()` call risks splitting the string in the middle of a multi-byte UTF-8 sequence. This should have been caught by util.stanza validation, but that would have caused some havoc, at the very least causing the notification to not be sent. There have been no reports of this happening. Likely because this module isn't widely deployed among users with languages that use many longer UTF-8 sequences. The util.encodings.utf8.valid() function is O(n) where only the last sequence really needs to be checked, but it's in C and expected to be fast.
author Kim Alvefur <zash@zash.se>
date Sun, 22 Aug 2021 13:22:59 +0200
parents d47972f783fb
children
line wrap: on
line source

-- Use Include 'prosody-posix-ldap.cfg.lua' from prosody.cfg.lua to include this file
authentication = 'ldap2' -- Indicate that we want to use LDAP for authentication
storage        = 'ldap'  -- Indicate that we want to use LDAP for roster/vcard storage

ldap = {
    hostname      = 'localhost',                    -- LDAP server location
    bind_dn       = 'cn=Manager,dc=example,dc=com', -- Bind DN for LDAP authentication (optional if anonymous bind is supported)
    bind_password = 'prosody',                      -- Bind password (optional if anonymous bind is supported)

    user = {
      basedn        = 'ou=Users,dc=example,dc=com',                  -- The base DN where user records can be found
      filter        = '(&(objectClass=posixAccount)(!(uid=seven)))', -- Filter expression to find user records under basedn
      usernamefield = 'uid',                                         -- The field that contains the user's ID (this will be the username portion of the JID)
      namefield     = 'cn',                                          -- The field that contains the user's full name (this will be the alias found in the roster)
    },

    groups = {
      basedn      = 'ou=Groups,dc=example,dc=com', -- The base DN where group records can be found
      memberfield = 'memberUid',                   -- The field that contains user ID records for this group (each member must have a corresponding entry under the user basedn with the same value in usernamefield)
      namefield   = 'cn',                          -- The field that contains the group's name (used for matching groups in LDAP to group definitions below)

      {
        name  = 'everyone', -- The group name that will be seen in users' rosters
        cn    = 'Everyone', -- This field's key *must* match ldap.groups.namefield! It's the name of the LDAP group this definition represents
        admin = false,      -- (Optional) A boolean flag that indicates whether members of this group should be considered administrators.
      },
      {
        name  = 'admin',
        cn    = 'Admin',
        admin = true,
      },
    },

    vcard_format = {
      displayname = 'cn', -- Consult the vCard configuration section in the README
      nickname    = 'uid',
      photo       = {
        type   = 'image/jpeg',
        binval = 'jpegPhoto',
      },
      telephone = {
        work = {
          voice = true,
          number = 'telephoneNumber',
        },
      },
    },
}