From ca68f74e37271ce96f39f968fc85257a25267a68 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 7 Mar 2019 01:42:22 +0100 Subject: [PATCH] Ldap First Step --- conf/.env | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/conf/.env b/conf/.env index 73d8daa..88c0a52 100644 --- a/conf/.env +++ b/conf/.env @@ -213,7 +213,7 @@ LDAP_BACKGROUND_SYNC=true # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 #LDAP_BACKGROUND_SYNC_INTERVAL=100 -LDAP_BACKGROUND_SYNC_INTERVAL=100 +LDAP_BACKGROUND_SYNC_INTERVAL=600000 # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true @@ -240,7 +240,7 @@ LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : LDAP_USER_SEARCH_FILTER= #LDAP_USER_SEARCH_FILTER= -LDAP_USER_SEARCH_FILTER="(&(|(objectclass=posixAccount))(uid=%uid))" +LDAP_USER_SEARCH_FILTER="" # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) # example : LDAP_USER_SEARCH_SCOPE=one @@ -265,7 +265,7 @@ LDAP_SEARCH_SIZE_LIMIT=0 # LDAP_GROUP_FILTER_ENABLE : Enable group filtering # example : LDAP_GROUP_FILTER_ENABLE=true #LDAP_GROUP_FILTER_ENABLE=false -LDAP_GROUP_FILTER_ENABLE=true +LDAP_GROUP_FILTER_ENABLE=false # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering # example : LDAP_GROUP_FILTER_OBJECTCLASS=group @@ -288,9 +288,9 @@ LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=memberUid LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=dn # LDAP_GROUP_FILTER_GROUP_NAME : -# example : LDAP_GROUP_FILTER_GROUP_NAME=yourwekangroup +# example : #LDAP_GROUP_FILTER_GROUP_NAME= - +LDAP_GROUP_FILTER_GROUP_NAME=cn # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid @@ -300,7 +300,6 @@ LDAP_UNIQUE_IDENTIFIER_FIELD=entryUUID # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 # example : LDAP_UTF8_NAMES_SLUGIFY=false #LDAP_UTF8_NAMES_SLUGIFY=true -LDAP_UTF8_NAMES_SLUGIFY=true # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username @@ -345,7 +344,7 @@ LDAP_SYNC_USER_DATA=true # LDAP_SYNC_USER_DATA_FIELDMAP : # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} #LDAP_SYNC_USER_DATA_FIELDMAP= -LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name","displayName":"Full name"} +LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name"} # LDAP_SYNC_GROUP_ROLES : # example : @@ -354,14 +353,13 @@ LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name","displayName":"Full name"} # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # example : #LDAP_DEFAULT_DOMAIN= +LDAP_DEFAULT_DOMAIN=yh03.yh.yalh.net # Enable/Disable syncing of admin status based on ldap groups: #LDAP_SYNC_ADMIN_STATUS=true -LDAP_SYNC_ADMIN_STATUS=true # Comma separated list of admin group names to sync. #LDAP_SYNC_ADMIN_GROUPS=group1,group2 -LDAP_SYNC_ADMIN_GROUPS=admins # LOGOUT_WITH_TIMER : Enables or not the option logout with timer # example : LOGOUT_WITH_TIMER=true @@ -374,4 +372,4 @@ LDAP_SYNC_ADMIN_GROUPS=admins # LOGOUT_ON_MINUTES : The number of minutes # example : LOGOUT_ON_MINUTES=55 -#LOGOUT_ON_MINUTES= +#LOGOUT_ON_MINUTES= \ No newline at end of file