Mercurial > prosody-wiki
comparison mod_auth_ldap.wiki @ 420:eb372e6bb82f
mod_auth_ldap: Document the ldap_mode option
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 21 Jan 2014 20:26:30 +0100 |
parents | 6c54b5a7ccfb |
children | 7e5c6a70af1e |
comparison
equal
deleted
inserted
replaced
419:fdff0de712a7 | 420:eb372e6bb82f |
---|---|
11 | 11 |
12 Copy the module to the prosody modules/plugins directory. | 12 Copy the module to the prosody modules/plugins directory. |
13 | 13 |
14 In Prosody's configuration file, under the desired host section, add: | 14 In Prosody's configuration file, under the desired host section, add: |
15 {{{ | 15 {{{ |
16 authentication = "ldap" | 16 authentication = "ldap" |
17 }}} | 17 }}} |
18 | 18 |
19 LDAP options are: | 19 LDAP options are: |
20 || *Name* || *Description* || *Default value* || | 20 || *Name* || *Description* || *Default value* || |
21 || ldap_server || space-separated list of hostnames or IPs || "localhost" || | 21 || ldap_server || space-separated list of hostnames or IPs || "localhost" || |
23 || ldap_password || the password || "" || | 23 || ldap_password || the password || "" || |
24 || ldap_filter || search filter, with %s substituded for username || "(uid=%s)" || | 24 || ldap_filter || search filter, with %s substituded for username || "(uid=%s)" || |
25 || ldap_scope || search scope. other values: "base" and "subtree" || "onelevel" || | 25 || ldap_scope || search scope. other values: "base" and "subtree" || "onelevel" || |
26 || ldap_tls || Use TLS to connect to LDAP? (can be true or false) || false || | 26 || ldap_tls || Use TLS to connect to LDAP? (can be true or false) || false || |
27 || ldap_base || LDAP base directory which stores user accounts || this is required || | 27 || ldap_base || LDAP base directory which stores user accounts || this is required || |
28 || ldap_mode || How to validate passwords. Other option is "bind" || "getpasswd" || | |
29 | |
30 = Modes = | |
31 | |
32 The "getpasswd" mode requires plain text access to passwords in LDAP and | |
33 feeds them into Prosodys authentication system. This enables more secure | |
34 authentication mechanisms but does not work for all deployments. | |
35 | |
36 The "bind" performs an LDAP bind, does not require plain text access to | |
37 passwords but limits you to the PLAIN authentication mechanism. | |
28 | 38 |
29 = Compatibility = | 39 = Compatibility = |
30 | 40 |
31 || 0.8 and above || should work || | 41 || 0.8 and above || should work || |