Mercurial > kallithea
comparison docs/setup.rst @ 6457:d0f6bd6190c8
auth: change default LDAP to LDAPS on port 636 - insecure authentication is kind of pointless
This will only change the default value for new systems. Existing installations
will keep using whatever value they have in the database.
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Thu, 28 Jul 2016 16:34:49 +0200 |
parents | 8845ece50d51 |
children | 2c3d30095d5e |
comparison
equal
deleted
inserted
replaced
6456:5a5bab2b773c | 6457:d0f6bd6190c8 |
---|---|
161 Connection settings | 161 Connection settings |
162 Enable LDAP = checked | 162 Enable LDAP = checked |
163 Host = host.example.com | 163 Host = host.example.com |
164 Account = <account> | 164 Account = <account> |
165 Password = <password> | 165 Password = <password> |
166 Connection Security = LDAPS connection | 166 Connection Security = LDAPS |
167 Certificate Checks = DEMAND | 167 Certificate Checks = DEMAND |
168 | 168 |
169 Search settings | 169 Search settings |
170 Base DN = CN=users,DC=host,DC=example,DC=org | 170 Base DN = CN=users,DC=host,DC=example,DC=org |
171 LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) | 171 LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) |
455 .. code-block:: python | 455 .. code-block:: python |
456 | 456 |
457 from mod_python import apache | 457 from mod_python import apache |
458 import ldap | 458 import ldap |
459 | 459 |
460 LDAP_SERVER = "ldap://server.mydomain.com:389" | 460 LDAP_SERVER = "ldaps://server.mydomain.com:636" |
461 LDAP_USER = "" | 461 LDAP_USER = "" |
462 LDAP_PASS = "" | 462 LDAP_PASS = "" |
463 LDAP_ROOT = "dc=mydomain,dc=com" | 463 LDAP_ROOT = "dc=mydomain,dc=com" |
464 LDAP_FILTER = "sAMAccountName=%s" | 464 LDAP_FILTER = "sAMAccountName=%s" |
465 LDAP_ATTR_LIST = ['sAMAccountName','givenname','sn','mail'] | 465 LDAP_ATTR_LIST = ['sAMAccountName','givenname','sn','mail'] |