Difference between revisions of "2.0/Modules/m ldap authentication"
From AnopeWiki
| Line 4: | Line 4: | ||
== <div class="moduleheader">Description</div> == | == <div class="moduleheader">Description</div> == | ||
This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use LDAP to authenticate users. | This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use LDAP to authenticate users. | ||
| + | |||
| + | *<span style="color: red;">Enabeled/Disabeled using the '''./extra''' command line configuration tool.</span> | ||
*'''Requires module m_ldap'''. | *'''Requires module m_ldap'''. | ||
Latest revision as of 21:46, 13 May 2014
| Language | |
|---|---|
|
English |
|
Description
This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use LDAP to authenticate users.
- Enabeled/Disabeled using the ./extra command line configuration tool.
- Requires module m_ldap.
- name=
- Name of module
- basedn=
- The distinguished name used for searching for users's accounts.
- search_filter=
- The search filter used to look up users's accounts.
- object_class=
- The object class used by LDAP to store user account information.
- username_attribute=
- The attribute value used for account names.
- email_attribute=
- The attribute value used for passwords.
- password_attribute=
- The attribute value used for passwords.
- disable_register=
- If set, the reason to give the users who try to "/msg NickServ REGISTER". Disabled by default
- disable_email=
- If set, the reason to give the users who try to "/msg NickServ SET EMAIL". Disabled by default
Default Configuration
/* * m_ldap_authentication [EXTRA] * * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use * LDAP to authenticate users. Requires m_ldap. */ #module { name = "m_ldap_authentication" /* * The distinguished name used for searching for users's accounts. */ basedn = "ou=users,dc=anope,dc=org" /* * The search filter used to look up users's accounts. * %account is replaced with the user's account. * %object_class is replaced with the object_class configured below. */ search_filter = "(&(uid=%account)(objectClass=%object_class))" /* * The object class used by LDAP to store user account information. * This is used for adding new users to LDAP if registration is allowed. */ object_class = "anopeUser" /* * The attribute value used for account names. */ username_attribute = "uid" /* * The attribute value used for email addresses. * This directive is optional. */ email_attribute = "email" /* * The attribute value used for passwords. * Used when registering new accounts in LDAP. */ password_attribute = "userPassword" /* * If set, the reason to give the users who try to "/msg NickServ REGISTER". * If not set, then registration is not blocked. */ #disable_register_reason = "To register on this network visit http://some.misconfigured.site/register" /* * If set, the reason to give the users who try to "/msg NickServ SET EMAIL". * If not set, then email changing is not blocked. */ #disable_email_reason = "To change your email address visit http://some.misconfigured.site" }
