You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
120 lines
3.3 KiB
INI
120 lines
3.3 KiB
INI
;
|
|
; Password reset.
|
|
;
|
|
[reset_password]
|
|
|
|
; To enable password reset, change reset_password to 1. Don't
|
|
; forget to change the value back to O, after the password
|
|
; has been reset.
|
|
reset_password = "0"
|
|
|
|
;
|
|
; Error message level.
|
|
;
|
|
[error_messages]
|
|
|
|
; Set to "debug", for more information. IMPORTANT! Debug should be used
|
|
; exclusively during development, and never in production, as it reveals
|
|
; sensitive information.
|
|
level = ""
|
|
|
|
;
|
|
; Override php.ini session settings.
|
|
;
|
|
[session]
|
|
|
|
; If a TLS certificate is set up, set to "1" for increased security.
|
|
cookie_secure = "0"
|
|
|
|
;
|
|
; LDAP.
|
|
;
|
|
; Enter your LDAP server settings below. There are example settings for
|
|
; a free dummy LDAP server at:
|
|
;
|
|
; www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server
|
|
;
|
|
; Use einstein:password, euclid:password to test its functionality.
|
|
;
|
|
; LDAP access does not work from behind a proxy server.
|
|
;
|
|
[ldap]
|
|
|
|
; Activate login via LDAP. Caution: Disables local login.
|
|
ldap_active = "0"
|
|
|
|
; LDAP server protocol, hostname, and port, e.g. ldap(s)://hostname:port.
|
|
;ldap_server = "ldap://ldap.forumsys.com:389"
|
|
ldap_server = "ldap://ldap.example.com:389"
|
|
|
|
; If the protocol is ldap, a TLS-encrypted connection should be used. Set to 0,
|
|
; only if no TLS certificate is configured on your LDAP server.
|
|
ldap_use_tls = "0"
|
|
|
|
; Base distinguished name (DN).
|
|
;ldap_basedn = "dc=example,dc=com"
|
|
ldap_basedn = "dc=example,dc=com"
|
|
|
|
; Fully qualified bind user DN.
|
|
;ldap_binduser_dn = "cn=read-only-admin,dc=example,dc=com"
|
|
ldap_binduser_dn = "cn=ldapsearch,ou=users,dc=example,dc=com"
|
|
|
|
; Bind user password.
|
|
;ldap_binduser_pw = "password"
|
|
ldap_binduser_pw = "password"
|
|
|
|
; Attribute to use for username lookups.
|
|
ldap_username_attr = "cn"
|
|
|
|
; Attribute which is used to verify login/password pair.
|
|
;ldap_userlogin_attr = "sAMAccountName"
|
|
ldap_userlogin_attr = "cn"
|
|
|
|
; Custom LDAP Filter to additionally restrict the user search, and with (ldap_userlogin_attr = user)
|
|
; ldap_user_filter = "(|(objectClass=user)(objectClass=iNetOrgPerson))"
|
|
ldap_user_filter = "(objectClass=user)"
|
|
|
|
;
|
|
; Authorization. If the below options are provided, a group affiliation
|
|
; is checked (admins vs. users) and permissions are set accordingly.
|
|
; Otherwise, all LDAP users are given admin permissions.
|
|
;
|
|
|
|
; Group relative search base without basedn.
|
|
;ldap_group_rdn = "ou=groups"
|
|
ldap_group_rdn = "ou=groups"
|
|
|
|
; Admin group common name.
|
|
;ldap_admingroup_cn = "cn=admins"
|
|
ldap_admingroup_cn = "cn=ilib_admins"
|
|
|
|
; Admin group DN, if building CN with group_rdn and basedn is not possible.
|
|
ldap_admingroup_dn = ""
|
|
|
|
; User group common name. If only a specific user group can access I, Librarian.
|
|
;ldap_usergroup_cn = "cn=users"
|
|
ldap_usergroup_cn = ""
|
|
|
|
; Use user group DN, if building CN with group_rdn and basedn is not possible.
|
|
ldap_usergroup_dn = ""
|
|
|
|
; Optional admin users, comma separated list
|
|
ldap_admin_users = ""
|
|
|
|
; Group filter prefix.
|
|
; If you want to do recursive searches with LDAP servers that support it
|
|
; (e.g., MS Active Directory), use the correct matching rule.
|
|
;ldap_filter = 'member:1.2.840.113556.1.4.1941'
|
|
ldap_filter = "member"
|
|
|
|
; Change to match your ldap protocol version.
|
|
ldap_version = "3"
|
|
|
|
; Enable REFERRALS.
|
|
ldap_opt_referrals = "0"
|
|
|
|
; Enable and set debug level for LDAP authentication.
|
|
; Messages are logged into Apache Global Error Log.
|
|
ldap_debug_enabled = "0"
|
|
ldap_opt_debug_level = "7"
|