Both sides previous revisionPrevious revision | Next revisionBoth sides next revision |
72:ldap_ex_config [2018/07/16 15:41] – [Example Configurations] bkkr | 72:ldap_ex_config [2018/07/16 15:44] – [Example Configurations] bkkr |
---|
recursiveSearch="True" | recursiveSearch="True" |
generateDn="False" | generateDn="False" |
searchFilter="(&(|(departmentNumber=XY-1) | searchFilter="(&(|(departmentNumber=XY-1) |
(departmentNumber=XY-2)) | (departmentNumber=XY-2)) |
(mail=*)(sn=*)(objectClass=XYperson))" | (mail=*)(sn=*)(objectClass=XYperson))" |
defaultRoles="true" | defaultRoles="true" |
recursiveSearch="true" | recursiveSearch="true" |
searchFilter="(&(|(memberOf=CN=ABC-Stages-User, | searchFilter="(&(|(memberOf=CN=ABC-Stages-User, |
OU=Groups Development,OU=Groups,OU=XYZ,DC=auto, DC=abc, | OU=Groups Development,OU=Groups,OU=XYZ,DC=auto, DC=abc, |
DC=com)(memberOf=CN=ABCD-Stages-W, OU=XYZ_Projekt, | DC=com)(memberOf=CN=ABCD-Stages-W, OU=XYZ_Projekt, |
| |
//Example// | //Example// |
| <code> |
| <ldap-provider ident="abc.def" |
| url="ldap:// abc.def:389/dc=abc,dc=def" |
| key="authenticationUsername" |
| defaultRoles="true" |
| recursiveSearch="true" |
| adoptUsers="true" |
| searchFilter="(memberOf=CN=ABC-Stages,CN=Users,DC=abc, |
| DC=def)"> |
| <ldap-authentication |
| type="simple" |
| principal="%"/> |
| <ldap-query-user name="CN=XYZ,OU=_pkit_completed,OU=Users, |
| OU=AB-DOMAIN,OU=Compelted,DC=abc,DC=def" |
| credentials="12345"/> |
| <ldap-attribute name="username" id="sAMAccountName"/> |
| <ldap-attribute name="fullname" id="displayName"/> |
| <ldap-attribute name="email" id="mail"/> |
| <ldap-attribute name="authenticationUsername" |
| id="distinguishedName"/> |
| </ldap-provider> |
| </ldap> |
| </code> |
| |
| //Example for "ondemand" synchronization// |
| <code> |
| <ldap synchronize="ondemand" synchronizeCronExpression="0 */10 * * * |
| ?" maximumDeletionPercentage="90"> |
| <ldap-provider |
| url="ldap://abc.def:389/dc=abc,dc=def" |
| ident="abc" |
| key="fullname" |
| defaultRoles="true" |
| pageSize="0" |
| generateDn="true" |
| searchFilter="" |
| ondemandFilter="(sAMAccountName=%)" |
| recursiveSearch="true" |
| adoptUsers="true"> |
| <ldap-authentication |
| type="simple" |
| principal="%"> |
| </ldap-authentication> |
| <ldap-attribute name="username" id="sAMAccountName"/> |
| <ldap-attribute name="fullname" id="cn"/> |
| <ldap-attribute name="email" id="mail"/> |
| <ldap-attribute name="_id" id="mail"/> |
| </ldap-provider> |
| </ldap> |
| </code> |
| |
| |