  1. [evanroper@helpdesk ldap]$ cat ldap-authentication.properties
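  # This flag enables use of this LDAP subsystem for authentication. It may be
  # that this subsystem should only be used for synchronization, in which case
  # this flag should be set to false.
  ldap.authentication.active=true

  #
  # This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
  #
  ldap.authentication.allowGuestLogin=false
  # How to map the user id entered by the user to that passed through to LDAP
  # - simple
  #    - this must be a DN and would be something like
  #      uid=%s,ou=People,dc=company,dc=com
  # - digest
  #    - usually pass through what is entered
  #      %s
  # If not set, an LDAP query involving ldap.synchronization.personQuery and ldap.synchronization.userIdAttributeName will
  # be performed to resolve the DN dynamically. This allows directories to be structured and doesn't require the user ID to
  # appear in the DN.
  # The value is a bare DN template. Do not wrap it in parentheses: parentheses belong to
  # search filters (personQuery, groupQuery), and a parenthesised string is not a valid DN to bind with.
  ldap.authentication.userNameFormat=uid=%s,ou=People,dc=esa,dc=com
  #ldap.authentication.userNameFormat=%s

  # The LDAP context factory to use
  ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

  # The URL to connect to the LDAP server
  # NOTE(review): ldap:// on port 389 is unencrypted. Combined with the "simple" mechanism
  # configured below, user passwords and the synchronization account's password cross the
  # network in cleartext. Prefer an ldaps:// URL with the directory's certificate trusted by
  # the Alfresco JVM.
  ldap.authentication.java.naming.provider.url=ldap://10.10.0.2:389

  # The authentication mechanism to use for password validation
  ldap.authentication.java.naming.security.authentication=simple

  # Escape commas entered by the user at bind time
  # Useful when using simple authentication and the CN is part of the DN and contains commas
  # NOTE(review): while this is false, commas typed at login are placed into the bind DN
  # unescaped; confirm that is intended for a uid-based userNameFormat.
  ldap.authentication.escapeCommasInBind=false

  # Escape commas entered by the user when setting the authenticated user
  # Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
  # pulled in as part of an LDAP sync
  # If this option is set to true it will break the default home folder provider as space names can not contain \
  ldap.authentication.escapeCommasInUid=false

  # Comma separated list of user names who should be considered administrators by default
  # Every name listed here is treated as an administrator once it authenticates; keep the list minimal.
  ldap.authentication.defaultAdministratorUserNames=evanroper

  # This flag enables use of this LDAP subsystem for user and group
  # synchronization. It may be that this subsystem should only be used for
  # authentication, in which case this flag should be set to false.
  ldap.synchronization.active=true

  # The authentication mechanism to use for synchronization
  ldap.synchronization.java.naming.security.authentication=simple

  # The default principal to use (only used for LDAP sync)
  # A bare DN, without surrounding parentheses.
  # NOTE(review): cn=admin looks like the directory administrator. The settings below only
  # query users and groups, so a dedicated read-only bind account would limit the impact
  # if this file or its password is exposed.
  ldap.synchronization.java.naming.security.principal=cn\=admin,dc\=esa,dc\=com

  # The password for the default principal (only used for LDAP sync)
  # Stored in plaintext: keep this file readable only by the account that runs Alfresco,
  # and rotate the password if the real value is ever shared or committed anywhere.
  ldap.synchronization.java.naming.security.credentials=*myAdminPasswordHere*

  # If positive, this property indicates that RFC 2696 paged results should be
  # used to split query results into batches of the specified size. This
  # overcomes any size limits imposed by the LDAP server.
  ldap.synchronization.queryBatchSize=0

  # If positive, this property indicates that range retrieval should be used to fetch
  # multi-valued attributes (such as member) in batches of the specified size.
  # Overcomes any size limits imposed by Active Directory.
  ldap.synchronization.attributeBatchSize=0

  # The query to select all objects that represent the groups to import.
  ldap.synchronization.groupQuery=(objectclass\=groupOfNames)

  # The query to select objects that represent the groups to import that have changed since a certain time.
  ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))

  # The query to select all objects that represent the users to import.
  ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)

  # The query to select objects that represent the users to import that have changed since a certain time.
  ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))

  # The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
  # A search base is a DN, not a filter, so it takes no surrounding parentheses.
  ldap.synchronization.groupSearchBase=ou\=Mail Groups,dc\=esa,dc\=com

  # The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
  # A search base is a DN, not a filter, so it takes no surrounding parentheses.
  ldap.synchronization.userSearchBase=ou\=People,dc\=esa,dc\=com

  # The name of the operational attribute recording the last update time for a group or user.
  ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

  # The timestamp format. Unfortunately, this varies between directory servers.
  ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'

  # The attribute name on people objects found in LDAP to use as the uid in Alfresco
  ldap.synchronization.userIdAttributeName=uid

  # The attribute on person objects in LDAP to map to the first name property in Alfresco
  ldap.synchronization.userFirstNameAttributeName=givenName

  # The attribute on person objects in LDAP to map to the last name property in Alfresco
  ldap.synchronization.userLastNameAttributeName=sn

  # The attribute on person objects in LDAP to map to the email property in Alfresco
  ldap.synchronization.userEmailAttributeName=mail

  # The attribute on person objects in LDAP to map to the organizational id property in Alfresco
  ldap.synchronization.userOrganizationalIdAttributeName=o

  # The default home folder provider to use for people created via LDAP import
  ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider

  # The attribute on LDAP group objects to map to the authority name property in Alfresco
  ldap.synchronization.groupIdAttributeName=cn

  # The attribute on LDAP group objects to map to the authority display name property in Alfresco
  ldap.synchronization.groupDisplayNameAttributeName=description

  # The group type in LDAP
  ldap.synchronization.groupType=groupOfNames

  # The person type in LDAP
  ldap.synchronization.personType=inetOrgPerson

  # The attribute in LDAP on group objects that defines the DN for its members
  ldap.synchronization.groupMemberAttributeName=member

  # If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.
  ldap.synchronization.enableProgressEstimation=true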