forked from ldaptools/ldaptools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
example.yml
86 lines (86 loc) · 4.57 KB
/
example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
general:
# Optional: When using the LdapManager and there are multiple domains configured, the following domain
# will be selected first by default for any operations.
default_domain: "example.com"
# Optional: The format that the schema is in. Default: yml
schema_format: yml
# Optional: The location to use when loading schema files. Default: "resources/schema" in the library
# root.
schema_folder: "/var/www/project/resources/schema"
# The cache type to use. Either 'stash', 'doctrine', or 'none'. Default: none
cache_type: none
# Optional: These are variable settings for the cache type in use.
cache_options:
# Type: stash, doctrine
# Optional: The location to cache generated schema data. Default: The systems temporary directory.
cache_folder: "/tmp/projectCache"
# Type: stash
# Optional: Whether the cache should auto-refresh based on mod times. This is enabled by default with stash.
# However, the doctrine type does not support it.
cache_auto_refresh: false
domains:
# At least one domain is required.
example:
# Required: The full domain name.
domain_name: "example.com"
# Required: The user to use for binding to LDAP and subsequent operations for the connection.
username: user
# Required: The password for the user binding to LDAP.
password: 12345
# Recommended: The base DN (default naming context) for the domain. If this is empty then it will be queried
# from the RootDSE.
base_dn: "dc=example,dc=com"
# Recommended: One or more LDAP servers to connect to. If this is empty then it will query DNS for a
# list of LDAP servers for the domain.
servers: [ 'example1','example2' ]
# Optional: Whether or not paging should be used for query operations. Default: true
use_paging: true
# Optional: The page size to use for paging operations, such as searches. Default: 1000
page_size: 1000
# Optional: The port to communicate to the LDAP servers on. If this is not set, the default is 389.
# If this is not set and 'use_ssl' is specified, the the port will be set to 636.
port: 389
# Optional: Whether or not to talk to LDAP over SSL. Default: false
use_ssl: false
# Optional: Whether or not to talk to LDAP over TLS. Default: false
# If this is set to false, certain operations will not work. Such as password changes.
use_tls: false
# Optional: The LDAP type for this domain: ad, openldap. Default: ad
ldap_type: openldap
# Optional: Whether the connection should wait to bind until necessary (true) or bind immediately
# on construction (false). Default: false
lazy_bind: false
# Optional: When more than one server is listed for a domain, choose which one is selected for the
# connection. The possible choices are: order (tried in the order they appear), random. Default: order
server_selection: order
# Optional: The encoding type to use. Default: UTF-8
encoding: UTF-8
# Optional: The format that the username should be in when binding. This allows for two possible
# placeholders: %username% and %domainname%. The domain name parameter is the FQDN. Default: For AD
# the default is "%username%@%domainname%", for OpenLDAP it is simply "%username%". But you could easily
# make it something like "CN=%username%,OU=Users,DC=example,DC=local".
bind_format: "%username%"
# Optional: The LDAP_OPT_* constants to use when connecting to LDAP. Default: Sets the protocol version to 3 and
# disables referrals.
ldap_options:
ldap_opt_protocol_version: 3
ldap_opt_referrals: 0
# Optional: The elapsed time a connection can be idle before it is closed and reconnected. Default: 600. To
# To disable this altogether set it to 0.
idle_reconnect: 600
# Optional: The elapsed time (in seconds) to attempt the initial connection to the LDAP server. If it cannot
# establish a connection within this time it will consider the server unreachable/down. Default: 1
connect_timeout: 5
# Any number of additional domains can be added.
test:
domain_name: "test.local"
base_dn: "dc=test,dc=local"
servers: [ 'test1' ]
page_size: 1000
port: 389
use_ssl: false
use_tls: true
username: admin
password: 12345
ldap_type: ad
lazy_bind: false