author | Matthew Wild <mwild1@gmail.com> |
Tue, 27 Sep 2022 18:23:42 +0100 | |
changeset 5064 | bc491065c221 |
parent 1463 | d47972f783fb |
permissions | -rw-r--r-- |
809 | 1 |
-- Use Include 'prosody-posix-ldap.cfg.lua' from prosody.cfg.lua to include this file |
862
675945ea2ed6
Change hoelzro's mod_auth_ldap to mod_auth_ldap2
Rob Hoelz <rob@hoelz.ro>
parents:
826
diff
changeset
|
2 |
authentication = 'ldap2' -- Indicate that we want to use LDAP for authentication |
675945ea2ed6
Change hoelzro's mod_auth_ldap to mod_auth_ldap2
Rob Hoelz <rob@hoelz.ro>
parents:
826
diff
changeset
|
3 |
storage = 'ldap' -- Indicate that we want to use LDAP for roster/vcard storage |
809 | 4 |
|
5 |
ldap = { |
|
6 |
hostname = 'localhost', -- LDAP server location |
|
7 |
bind_dn = 'cn=Manager,dc=example,dc=com', -- Bind DN for LDAP authentication (optional if anonymous bind is supported) |
|
8 |
bind_password = 'prosody', -- Bind password (optional if anonymous bind is supported) |
|
9 |
||
10 |
user = { |
|
873 | 11 |
basedn = 'ou=Users,dc=example,dc=com', -- The base DN where user records can be found |
12 |
filter = '(&(objectClass=posixAccount)(!(uid=seven)))', -- Filter expression to find user records under basedn |
|
13 |
usernamefield = 'uid', -- The field that contains the user's ID (this will be the username portion of the JID) |
|
14 |
namefield = 'cn', -- The field that contains the user's full name (this will be the alias found in the roster) |
|
809 | 15 |
}, |
16 |
||
17 |
groups = { |
|
18 |
basedn = 'ou=Groups,dc=example,dc=com', -- The base DN where group records can be found |
|
19 |
memberfield = 'memberUid', -- The field that contains user ID records for this group (each member must have a corresponding entry under the user basedn with the same value in usernamefield) |
|
20 |
namefield = 'cn', -- The field that contains the group's name (used for matching groups in LDAP to group definitions below) |
|
21 |
||
22 |
{ |
|
23 |
name = 'everyone', -- The group name that will be seen in users' rosters |
|
24 |
cn = 'Everyone', -- This field's key *must* match ldap.groups.namefield! It's the name of the LDAP group this definition represents |
|
25 |
admin = false, -- (Optional) A boolean flag that indicates whether members of this group should be considered administrators. |
|
26 |
}, |
|
27 |
{ |
|
28 |
name = 'admin', |
|
29 |
cn = 'Admin', |
|
30 |
admin = true, |
|
31 |
}, |
|
32 |
}, |
|
33 |
||
34 |
vcard_format = { |
|
35 |
displayname = 'cn', -- Consult the vCard configuration section in the README |
|
36 |
nickname = 'uid', |
|
824 | 37 |
photo = { |
826
9dc7d92f44e8
Fix prosody config (type is MIME type)
Rob Hoelz <rob@hoelz.ro>
parents:
824
diff
changeset
|
38 |
type = 'image/jpeg', |
824 | 39 |
binval = 'jpegPhoto', |
1463
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
40 |
}, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
41 |
telephone = { |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
42 |
work = { |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
43 |
voice = true, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
44 |
number = 'telephoneNumber', |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
45 |
}, |
d47972f783fb
Include configuration for telephone numbers for LDAP test config
Rob Hoelz <rob@hoelz.ro>
parents:
873
diff
changeset
|
46 |
}, |
809 | 47 |
}, |
48 |
} |