<ldap> <!-- LDAP server host and port (default: 389) --> <host>

1. <ldap>
2. <!-- LDAP server host and port (default: 389) -->
3. <host>chef.2s.lan</host>
4. <port>389</port>
5.  
6. <!-- Use LDAP v3 if possible. If disabled, v2 will be used.
7. Encryption options are only available if v3 is enabled. -->
8. <!--
9. <v3/>
10. -->
11.  
12. <!-- Encryption. If enabled, this will create an encrypted channel
13. to the LDAP server using the LDAP STARTTLS mechanism. -->
14. <!--
15. <starttls/>
16. -->
17.  
18. <!-- Encryption. If enabled, this will create an encrypted channel
19. to the server using the old-style "ldaps://" mechanism. It is
20. recommended that you use <starttls/> instead of this. -->
21. <!--
22. <ssl/>
23. -->
24.  
25. <!-- DN to bind as for searches. If unspecified, the searches
26. will be done anonymously. -->
27. <!--
28. <binddn>CN=Donald Richardson,OU=staff,DC=2s,DC=lan</binddn>
29. <bindpw>mypass</bindpw>
30. -->
31.  
32. <!-- LDAP attribute that holds the user ID (default: uid) -->
33. <uidattr>sAMAccountName</uidattr>
34.  
35. <!-- base DN of the tree. You should specify a DN for each
36. authentication realm declared in the <local/> section above,
37. by using the realm attribute. -->
38. <basedn>DC=2S,DC=lan</basedn>
39. </ldap>