Mercurial > kallithea
comparison docs/setup.rst @ 6457:d0f6bd6190c8
auth: change default LDAP to LDAPS on port 636 - insecure authentication is kind of pointless
This will only change the default value for new systems. Existing installations
will keep using whatever value they have in the database.
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Thu, 28 Jul 2016 16:34:49 +0200 |
| parents | 8845ece50d51 |
| children | 2c3d30095d5e |
comparison
equal
deleted
inserted
replaced
| 6456:5a5bab2b773c | 6457:d0f6bd6190c8 |
|---|---|
| 161 Connection settings | 161 Connection settings |
| 162 Enable LDAP = checked | 162 Enable LDAP = checked |
| 163 Host = host.example.com | 163 Host = host.example.com |
| 164 Account = <account> | 164 Account = <account> |
| 165 Password = <password> | 165 Password = <password> |
| 166 Connection Security = LDAPS connection | 166 Connection Security = LDAPS |
| 167 Certificate Checks = DEMAND | 167 Certificate Checks = DEMAND |
| 168 | 168 |
| 169 Search settings | 169 Search settings |
| 170 Base DN = CN=users,DC=host,DC=example,DC=org | 170 Base DN = CN=users,DC=host,DC=example,DC=org |
| 171 LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) | 171 LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) |
| 455 .. code-block:: python | 455 .. code-block:: python |
| 456 | 456 |
| 457 from mod_python import apache | 457 from mod_python import apache |
| 458 import ldap | 458 import ldap |
| 459 | 459 |
| 460 LDAP_SERVER = "ldap://server.mydomain.com:389" | 460 LDAP_SERVER = "ldaps://server.mydomain.com:636" |
| 461 LDAP_USER = "" | 461 LDAP_USER = "" |
| 462 LDAP_PASS = "" | 462 LDAP_PASS = "" |
| 463 LDAP_ROOT = "dc=mydomain,dc=com" | 463 LDAP_ROOT = "dc=mydomain,dc=com" |
| 464 LDAP_FILTER = "sAMAccountName=%s" | 464 LDAP_FILTER = "sAMAccountName=%s" |
| 465 LDAP_ATTR_LIST = ['sAMAccountName','givenname','sn','mail'] | 465 LDAP_ATTR_LIST = ['sAMAccountName','givenname','sn','mail'] |