sasl/saslauthd.conf@085c98460a58 (annotated)
sasl/saslauthd.conf
Thu, 02 Aug 2012 00:01:34 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 02 Aug 2012 00:01:34 +0200
- changeset 439
- 085c98460a58
- permissions
- -rw-r--r--
Use upstream man pages to avoid local help2man failures, likely due to
shell capability assumptions or cross platform environment variance.
The upstream man pages are probably better formatted anyway.
| michael@144 | 1 | ## |
| michael@144 | 2 | ## saslauthd.conf -- SASL Authentication Daemon Configuration |
| michael@144 | 3 | ## |
| michael@144 | 4 | |
| michael@144 | 5 | # white space separated list of LDAP servers |
| michael@144 | 6 | ldap_servers: ldap://127.0.0.1 |
| michael@144 | 7 | |
| michael@144 | 8 | # authentication for restricted LDAP servers |
| michael@144 | 9 | #ldap_bind_dn: cn=operator,ou=Profile,o=example.com |
| michael@144 | 10 | #ldap_bind_pw: secret |
| michael@144 | 11 | |
| michael@144 | 12 | # LDAP version to use (2|3) |
| michael@144 | 13 | #ldap_version 3 |
| michael@144 | 14 | |
| michael@144 | 15 | # LDAP timeout |
| michael@144 | 16 | #ldap_timeout 5 |
| michael@144 | 17 | |
| michael@144 | 18 | # LDAP aliases (search|find|always|never) |
| michael@144 | 19 | ldap_deref: never |
| michael@144 | 20 | |
| michael@144 | 21 | # follow LDAP referrals ? |
| michael@144 | 22 | ldap_referrals: no |
| michael@144 | 23 | |
| michael@144 | 24 | # restart LDAP I/O operations that fail ? |
| michael@144 | 25 | ldap_restart: yes |
| michael@144 | 26 | |
| michael@144 | 27 | # search scope (sub|one|base) |
| michael@144 | 28 | #ldap_scope: sub |
| michael@144 | 29 | |
| michael@144 | 30 | # starting point for a search |
| michael@144 | 31 | ldap_search_base: MUST-SPECIFY |
| michael@144 | 32 | |
| michael@144 | 33 | # authenticate against LDAP (bind|custom|fastbind) |
| michael@144 | 34 | ldap_auth_method: bind |
| michael@144 | 35 | |
| michael@144 | 36 | # Filter LDAP records, %u = username, %r = realm |
| michael@144 | 37 | # if ldap_auth_method is 'bind' the filter searches for the DN |
| michael@144 | 38 | # otherwise the filter searches for the userPassword attribute |
| michael@144 | 39 | #ldap_filter: uid=%u |
| michael@144 | 40 | |
| michael@144 | 41 | # debugging LDAP operation |
| michael@144 | 42 | #ldap_debug 0 |
| michael@144 | 43 | |
| michael@144 | 44 | # require and verify server certificate |
| michael@144 | 45 | #ldap_tls_check_peer: no |
| michael@144 | 46 | #ldap_tls_cacert_file: |
| michael@144 | 47 | #ldap_tls_cacert_dir: |
| michael@144 | 48 | |
| michael@144 | 49 | # list of SSL/TLS ciphers to allow |
| michael@144 | 50 | #ldap_tls_ciphers: DEFAULT |
| michael@144 | 51 | |
| michael@144 | 52 | # files containing client certificate and key |
| michael@144 | 53 | #ldap_tls_cert: |
| michael@144 | 54 | #ldap_tls_key: |
| michael@144 | 55 |
