Changes between Version 16 and Version 17 of ActiveDirectoryAuthPlugin


Ignore:
Timestamp:
Sep 17, 2012 9:00:15 PM (2 years ago)
Author:
sandinak
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ActiveDirectoryAuthPlugin

    v16 v17  
    11[[PageOutline(2-5,Contents,pullout)]] 
    22= Active Directory Auth Plugin = 
     3 
     4'''NOTE:''' Major changes from 0.3  
     5 - conf variables are renamed for standardization 
     6 - now more directory type agnostic 
     7 - soon will be renamed to DirectoryAuthPlugin 
    38 
    49== Description == 
     
    5762 
    5863== Examples == 
     64'''NOTE: this has changed from 0.3 to 0.4!!!!''' 
    5965 
    6066All config options go under the [account-manager] config heading.  Options for this module are: 
     
    6672password_store = ADAuthStore 
    6773#--define the Active Directory host address here.  A port other than default(389) is set as 
    68 hostname:port 
    69 ad_server = adserver.example.com 
     74ldap://hostname:port or ldaps://hostname:port 
     75dir_uri = ldap://adserver.example.com 
    7076#-- the Active Directory's base DN to search from, this is likely just your domain 
    71 base_dn = DC=example,DC=com 
    72 #-- the user/password to search active directory from, it must be a valid 
    73 bind_dn = ldapuser@example.com 
    74 bind_passwd = ldapuserpassword 
    75 #-- show disabled users 
    76 #   remember users MUST have logged in to get into the session table before they 
    77 #   show up.   
    78 show_disabled_users = 1 
     77dir_basedn = DC=example,DC=com 
     78#-- the user/password to search the directory from, it must be a valid 
     79dir_binddn = ldapuser@example.com 
     80dir_bindpw = ldapuserpassword 
    7981#-- timeout for an ldap operation before in seconds 
    80 ldap_timeout = 5 
     82dir_timeout = 5 
    8183#-- the default charset for the ldap server 
    82 charset = utf-9 
    83 #-- the DN (distinguishing name) for the group that contains users that can login to Trac 
    84 #   if this isn't specified then any valid user in active directory is accepted 
    85 auth_group = CN=Alltechs,OU=Mail enabled groups,OU=Email,DC=serverplus,DC=com 
    86 #-- the DN for the group that contains users that should have the TRAC_ADMIN 
    87 #   permission.  If this option is not given, no user groups will be give the 
    88 #   TRAC_ADMIN permission.  This this option is enabled you must specify the 
    89 #   UserExtensiblePermissionStore as the trac permission store, such as: 
     84dir_charset = utf-9 
     85##### Userinfo 
     86#-- the attribute containing the users login name, THIS MUST BE UNIQUE! 
     87user_attr = sAMAccountName 
     88#-- the attribute containing the users display name 
     89name_attr = displayName 
     90#-- the attribute containing the users email addy 
     91email_attr = mail 
     92##### Groups 
     93#-- where to look for groups, uses dir_basedn if not defined. 
     94group_basedn = ou=Groups,dc=foo,dc=net 
     95#-- expand directory groups 
     96group_expand = 1 
     97#-- the name of a group .. uses user_attr if not defined.  
     98group_attr = cn 
     99#-- which attribute to look in for members 
     100group_member_attr = member 
     101#-- what to look for in the member_attr 
     102group_member_value = dn 
     103#-- the dn of a group that has valid users, all users if not enabled 
     104group_validusers = CN=Alltechs,OU=Mail enabled groups,OU=Email,DC=serverplus,DC=com 
     105#-- the DN for a group automagically given TRAC_ADMIN 
     106#   if this option is enabled you must specify the UserExtensiblePermissionStore as the trac permission store, such as: 
    90107#   [trac] 
    91108#   permission_store = UserExtensiblePermissionStore 
    92 admin_group = CN=Administration,DC=example,DC=com 
    93 #-- cached entry timeout in seconds  
    94 cache_timeout = 90 
    95 #-- memorycache size in entries 
    96 memcache_size = 100 
     109group_tracadmin = CN=Administration,DC=example,DC=com 
     110#### Cache Tuning 
     111#-- cached entry time to live in seconds  
     112cache_ttl= 90 
     113#-- memorycache size in entries, and a highwater warning mark 
     114cache_memsize = 400 
     115cache_memsize_warn 300 
    97116#-- memory cache prune size in percentage 
    98 memcache_prune_percent = 5 
     117cache_memprune = 5 
    99118 
    100119[trac]