GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  AUTOMX_LDAP (5)

NAME

automx_ldap - automx LDAP backend configuration parameters \$1 \n[an-margin] level \n[rst2man-indent-level] level margin: \n[rst2man-indent\n[rst2man-indent-level]] - \n[rst2man-indent0] \n[rst2man-indent1] \n[rst2man-indent2]

CONTENTS

Description
Parameters
Authors
See Also
Copyright

DESCRIPTION

The automx_ldap(5) man page specifies all parameters that control access from within automx to a LDAP backend.

PARAMETERS

authzid (no default)
  Specifies the SASL proxy authorization identity.
base (default: none)
  Specifies the default base DN to use when performing ldap operations. The base must be specified as a Distinguished Name in LDAP format.
binddn (default: none)
  Specifies the default bind DN to use when performing ldap operations. The bind DN must be specified as a Distinguished Name in LDAP format.
bindmethod (default: simple)
  Specifies how authentication should take place. Valid options are either simple for a simple bind or sasl for a bind that requires SASL authentication.
bindpw (default: none)
  Specifies the password used when binddn identifies itself with the LDAP server.
cacert (default: none)
  Specifies the path to a file that contains all certificates of Certification Authorities automx should trust.
cert (default: none)
  Specifies the path to a file that contains automx\(aqs certificate.
cipher (default: TLSv1)
  See ciphers(1) for a list of valid options.
filter (default: (objectClass=*))
  Specifies the search filter to select appropriate LDAP objects. The filter should conform to the string representation for search filters as defined in RFC 4515.

NOTE: See the section “Macros and Variables” in automx.conf(5) for a list of available query macros.

host (default:  ldap://127.0.0.1/)
  Specifies one or more LDAP servers separated by commas as shown in the following example:


host = ldap://127.0.0.1, ldap://192.168.2.1


IMPORTANT: Subsequent servers to the first serve only for fallback purposes, i.e. a server to the right will only be queried if the server left to it cannot be reached. If a server can be reached no further attempts will be made regardless if the query returned a result or not.
key (default: none)
  Specifies the path to a file that contains automx\(aqs private key, which matches automx certificate given with cert.
reqcert (default: never)
  Specifies what checks to perform on server certificates in a TLS session, if any. The <level> can be specified as one of the following keywords:
never The client will not request or check any server certificate. This is the default setting.
allow The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad certificate is provided, it will be ignored and the session proceeds normally.
try The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad certificate is provided, the session is immediately terminated.
demand These keywords are equivalent. The server certificate is requested. If no certificate is provided, or a bad certificate is provided, the session is immediately terminated.
result_attrs (default: none)
  If automx finds one or more entries, the attributes specified by result_attrs are returned. If * is listed, all user attributes are returned.
saslmech (default: none)
  Specifies the SASL mechanism to be used for authentication.
cram-md5 The SASL cram-md5 mechanism (see: RFC 2195) will be used to authenticate LDAP bind requests.
digest-md5
  The SASL digest-md5 mechanism (see: RFC 2831) will be used to authenticate LDAP bind requests.
external
  The SASL external mechanism (see: RFC 4422) will be used to authenticate LDAP bind requests.
gssapi The SASL gssapi mechanism (see: RFC 4752) will be used to authenticate LDAP bind requests.
none No SASL mechanism will be use to authenticate LDAP bind requests.
scope (default: sub)
  Specify the scope of the search to be one of base (or exact), one (or onelevel), sub (or substree), to specify a base object, one-level, or subtree search.
usetls (default: false)
  Specifies if automx should use TLS when it connects to the LDAP host.

AUTHORS

Christian Roessner < cr@sys4.de>
  Wrote the program.
Patrick Ben Koetter < p@sys4.de>
  Wrote the documentation.

SEE ALSO

 automx(8),  automx.conf(5),  automx_ldap(5),  automx_script(5),  automx_sql(5),  automx-test(1)

COPYRIGHT

This document has been placed in the public domain.
Search for    or go to Top of page |  Section 5 |  Main Index


AUTOMX_LDAP (5) 02/08/2013

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.