Mercurial Mercurial > prosody > prosody-modules / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_auth_ldap/README.wiki
changeset 1807 4d73a1a6ba68
parent 1806 0ab737feada6
child 1808 3228fb928a93 
--- a/mod_auth_ldap/README.wiki	Fri Aug 28 16:05:00 2015 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,51 +0,0 @@
-#summary LDAP authentication module
-#labels Stage-Alpha,Type-Auth
-
-_*Note:* A modified version of this module is available, but is not yet committed here. The plan is to merge them, for more info see [http://groups.google.com/group/prosody-dev/browse_thread/thread/282e876116ae4177/906121492495ad35#906121492495ad35 this thread]._
-
-= Introduction =
-
-This is a Prosody authentication plugin which uses LDAP as the backend.
-
-= Dependecies =
-
-This module depends on [http://www.keplerproject.org/lualdap/ LuaLDAP] for connecting to an LDAP server.
-
-= Configuration =
-
-Copy the module to the prosody modules/plugins directory.
-
-In Prosody's configuration file, under the desired host section, add:
-{{{
-	authentication = "ldap"
-	ldap_base = "ou=people,dc=example,dc=com"
-}}}
-
-LDAP options are:
-|| *Name*        || *Description*                                      || *Default value*  ||
-|| ldap_server   || Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") || "localhost"      ||
-|| ldap_rootdn   || The distinguished name to auth against             || "" (anonymous)   ||
-|| ldap_password || Password for rootdn                                || ""               ||
-|| ldap_filter   || Search filter, with $user and $host substituded for user- and hostname || "(uid=$user)"    ||
-|| ldap_scope    || Search scope. other values: "base" and "subtree"   || "onelevel"       ||
-|| ldap_tls      || Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. || false            ||
-|| ldap_base     || LDAP base directory which stores user accounts     || This is required ||
-|| ldap_mode     || How passwords are validated.                       || "bind"           ||
-
-*Note:*  lua-ldap reads from /etc/ldap/ldap.conf and other files like
-~prosody/.ldaprc if they exist.  Users wanting to use a particular TLS
-root certificate can specify it in the normal way using TLS_CACERT in
-the OpenLDAP config file.
-
-= Modes =
-
-The "getpasswd" mode requires plain text access to passwords in LDAP and
-feeds them into Prosodys authentication system.  This enables more secure
-authentication mechanisms but does not work for all deployments.
-
-The "bind" performs an LDAP bind, does not require plain text access to
-passwords but limits you to the PLAIN authentication mechanism.
-
-= Compatibility =
-
-|| 0.8 and above || should work ||
prosody-modules