|server||The server hosting the LDAP or AD service.|
The username and password RT should use to connect to the LDAP
If you can bind to your LDAP server anonymously you may be able to omit these options. Many servers do not allow anonymous binds, or restrict what information they can see or how much information they can retrieve. If your server does not allow anonymous binds then you must have a service account created for this extension to function.
|base||The LDAP search base.|
The filter to use to match RT users. You must specify it
and it must be a valid LDAP filter encased in parentheses.
The filter that will only match disabled users. Optional.
Must be a valid LDAP filter encased in parentheses.
For example with Active Directory the following can be used:
|group||Does authentication depend on group membership? What group name?|
|group_attr||What is the attribute for the group object that determines membership?|
|group_scope||What is the scope of the group search? base, one or sub. Optional; defaults to base, which is good enough for most cases. sub is appropriate when you have nested groups.|
|group_attr_value||What is the attribute of the user entry that should be matched against group_attr above? Optional; defaults to dn.|
Should we try to use TLS to encrypt connections? Either a scalar, for
simple enabling, or a hash of values to pass to start_tls in Net::LDAP.
By default, Net::LDAP does no certificate validation! To validate
|net_ldap_args||What other args should be passed to Net::LDAP->new($host,@args)?|
|perl v5.20.3||RT::AUTHEN::EXTERNALAUTH::LDAP (3)||2014-10-16|