# HG changeset patch # User Kim Alvefur # Date 1441243170 -7200 # Node ID 50d3383a2e080ba4e6e4ae365c3b76239338a305 # Parent ce2ca509a88c3e21207d3dea7b9098be5d5e2e79 mod_auth_ldap/README: Minor tweaks diff -r ce2ca509a88c -r 50d3383a2e08 mod_auth_ldap/README.markdown --- a/mod_auth_ldap/README.markdown Thu Sep 03 03:18:44 2015 +0200 +++ b/mod_auth_ldap/README.markdown Thu Sep 03 03:19:30 2015 +0200 @@ -23,24 +23,26 @@ In Prosody's configuration file, under the desired host section, add: - authentication = "ldap" - ldap_base = "ou=people,dc=example,dc=com" +``` {.lua} +authentication = "ldap" +ldap_base = "ou=people,dc=example,dc=com" +``` -LDAP options are: +Further LDAP options are: Name Description Default value - ---------------- ---------------------------------------------------------------------------------------------------------------------- ------------------ - ldap\_server Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") "localhost" - ldap\_rootdn The distinguished name to auth against "" (anonymous) - ldap\_password Password for rootdn "" - ldap\_filter Search filter, with \$user and $host substituded for user- and hostname | "(uid=$user)" - ldap\_scope Search scope. other values: "base" and "subtree" "onelevel" - ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. false - ldap\_base LDAP base directory which stores user accounts This is required - ldap\_mode How passwords are validated. "bind" + ---------------- ---------------------------------------------------------------------------------------------------------------------- -------------------- + ldap\_base LDAP base directory which stores user accounts **Required field** + ldap\_server Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") `"localhost"` + ldap\_rootdn The distinguished name to auth against `"" (anonymous)` + ldap\_password Password for rootdn `""` + ldap\_filter Search filter, with `$user` and `$host` substituded for user- and hostname `"(uid=$user)"` + ldap\_scope Search scope. other values: "base" and "subtree" `"onelevel"` + ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. `false` + ldap\_mode How passwords are validated. `"bind"` **Note:** lua-ldap reads from /etc/ldap/ldap.conf and other files like -\~prosody/.ldaprc if they exist. Users wanting to use a particular TLS +`~prosody/.ldaprc` if they exist. Users wanting to use a particular TLS root certificate can specify it in the normal way using TLS\_CACERT in the OpenLDAP config file. @@ -57,6 +59,4 @@ Compatibility ============= - --------------- ------------- - 0.8 and above should work - --------------- ------------- +Works with 0.8 and later.