2.0/Modules/m ldap authentication

From AnopeWiki
Revision as of 21:46, 13 May 2014 by Azander (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Language

English

Section Database
Module m_ldap_authentication
Author Anope

Description

This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use LDAP to authenticate users.

  • Enabeled/Disabeled using the ./extra command line configuration tool.
  • Requires module m_ldap.
name= 
Name of module
basedn= 
The distinguished name used for searching for users's accounts.
search_filter= 
The search filter used to look up users's accounts.
object_class= 
The object class used by LDAP to store user account information.
username_attribute= 
The attribute value used for account names.
email_attribute= 
The attribute value used for passwords.
password_attribute= 
The attribute value used for passwords.
disable_register= 
If set, the reason to give the users who try to "/msg NickServ REGISTER". Disabled by default
disable_email= 
If set, the reason to give the users who try to "/msg NickServ SET EMAIL". Disabled by default

Default Configuration

/*
 * m_ldap_authentication [EXTRA]
 *
 * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use
 * LDAP to authenticate users. Requires m_ldap.
*/
#module
{
        name = "m_ldap_authentication"
 
        /*
         * The distinguished name used for searching for users's accounts.
         */
        basedn = "ou=users,dc=anope,dc=org"
 
        /*
         * The search filter used to look up users's accounts.
         * %account is replaced with the user's account.
         * %object_class is replaced with the object_class configured below.
         */
        search_filter = "(&(uid=%account)(objectClass=%object_class))"
 
        /*
         * The object class used by LDAP to store user account information.
         * This is used for adding new users to LDAP if registration is allowed.
         */
        object_class = "anopeUser"
 
        /*
         * The attribute value used for account names.
         */
        username_attribute = "uid"
 
        /*
         * The attribute value used for email addresses.
         * This directive is optional.
         */
        email_attribute = "email"
 
        /*
         * The attribute value used for passwords.
         * Used when registering new accounts in LDAP.
         */
        password_attribute = "userPassword"
 
        /*
         * If set, the reason to give the users who try to "/msg NickServ REGISTER".
         * If not set, then registration is not blocked.
         */
        #disable_register_reason = "To register on this network visit http://some.misconfigured.site/register"
 
        /*
         * If set, the reason to give the users who try to "/msg NickServ SET EMAIL".
         * If not set, then email changing is not blocked.
         */
        #disable_email_reason = "To change your email address visit http://some.misconfigured.site"
}
Retrieved from "http://wiki.anope.org/index.php?title=2.0/Modules/m_ldap_authentication&oldid=941"