~budgester/irm/trunk

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
; LDAP authentication configuration.
;
; IRM is able to authenticate users by attempting a bind to an LDAP
; database, and to retrieve various pieces of information about the user
; from LDAP instead of from the IRM database.
;
; Note that any database for which a section is defined in this file will
; automatically use LDAP, and will not look for users in the IRM database.
;
; For each database for which you wish to allow this method of
; authenticating users, specify the database's 'id' (whatever's in the
; square brackets in database.ini) then give the necessary parameters as
; config items below that.
;
; Available config options are:
;   server: the hostname or IP address of the LDAP server to connect to.
;	(default: localhost)
;   protocol: the version of the LDAP protocol to use to communicate with
;	the server.  Available values: '2' and '3'.  (default: 3)
;   rootdn: The DN (distinguished name) which is the root of your LDAP
;	directory.  (no useful default)
;   usernamefield: Where the user's login name is stored.  (default: uid)
;   fullnamefield: The field in the retrieved entry which contains the
;	real name (such as "Joe Bloggs").  (default: cn)
;   emailfield: The field in the retrieved entry which contains the user's
;	e-mail address.  (default: mail)
;   locationfield: The field in the retrieved entry which contains the
;	user's location.  (default: roomNumber)
;   phonefield: The field in the retrieved entry which contains the user's
;	contact phone number.  (default: telephoneNumber)
;   binddn: A distinguished name (DN) to use to bind to the LDAP directory
;	for doing data searches.  If none is given, the system will default
;	to doing an anonymous bind.  (default: none)
;   bindpw: The password associated with the DN given in binddn.  Like
;	binddn, if no password is given, an anonymous bind will be
;	performed.  (default: none)
;
; Although many LDAP attribute names are mixed-case in the schema
; specifications, you should specify all field names in this config file as
; all-lowercase.
;
; For example, to define an LDAP authentication method for the testing
; database, you could write something like the following:
;
; [testing]
; server = "ldap.host.com"
; protocol = 3
; rootdn = "o=host.com"
; fullnamefield = "gecos"
; emailfield = "mail"
; locationfield = "officelocation"
; phonefield = "officephonenumber"