afp_ldap.conf — Configuration file used by afpd(8) to configure connections to an LDAP server
afp_ldap.conf is the configuration file used by afpd to set up connections to an LDAP server. This is needed for ACL support in order to be able to query LDAP for UUIDs.
Any line not prefixed with # is interpreted.
You can use afpldaptest(1) to syntactically check your config.
The required parameters and their meanings are:
ldap_uri
    Specifies the LDAP URI of the server to connect to. The URI scheme may be ldap, ldapi or ldaps, specifying LDAP over TCP, IPC or TLS respectively (if supported by the LDAP library). This is only needed for explicit ACL support in order to be able to query LDAP for UUIDs.
ldap_auth_method
    Authentication method: none | simple | sasl
    none: anonymous LDAP bind
    simple: simple LDAP bind
    sasl: SASL. Not yet supported!
ldap_auth_dn
    Distinguished Name of the user for simple bind.
ldap_auth_pw
    Password of the user for simple bind.
ldap_userbase
    DN of the user container in LDAP.
ldap_userscope
    Search scope for user search: base | one | sub
ldap_groupbase
    DN of the group container in LDAP.
ldap_groupscope
    Search scope for group search: base | one | sub
ldap_uuid_attr
    Name of the LDAP attribute with the UUIDs.
    Note: this is used both for users and groups.
ldap_name_attr
    Name of the LDAP attribute with the user's short name.
ldap_group_attr
    Name of the LDAP attribute with the group's short name.
Example 5.1. afp_ldap.conf setup with simple bind
    ldap_uri = ldap://somehost:1234/
    ldap_auth_method = simple
    ldap_auth_dn = cn=admin,dc=domain,dc=org
    ldap_auth_pw = notthisone
    ldap_userbase = ou=users,dc=domain,dc=org
    ldap_userscope = one
    ldap_groupbase = ou=groups,dc=domain,dc=org
    ldap_groupscope = one
    ldap_uuid_attr = some_attribute
    ldap_name_attr = cn
    ldap_group_attr = cn
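The following linter is an added example, not part of Netatalk or of the original page. It parses the key = value format described above and flags missing parameters, invalid values, and a simple bind sent over an unencrypted ldap:// URI. The function names parse and lint are hypothetical, and treating ldap_auth_dn and ldap_auth_pw as required only for simple bind is an assumption.

```python
REQUIRED = (
    "ldap_uri", "ldap_auth_method", "ldap_userbase", "ldap_userscope",
    "ldap_groupbase", "ldap_groupscope", "ldap_uuid_attr",
    "ldap_name_attr", "ldap_group_attr",
)
METHODS = {"none", "simple", "sasl"}
SCOPES = {"base", "one", "sub"}
SCHEMES = {"ldap", "ldapi", "ldaps"}

def parse(text):
    """Return {key: value}; lines prefixed with # are not interpreted."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")  # split on the first '=' only
        if sep and not line.lstrip().startswith("#"):
            conf[key.strip()] = value.strip()
    return conf

def lint(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    conf = parse(text)
    findings = [f"missing: {k}" for k in REQUIRED if not conf.get(k)]
    method = conf.get("ldap_auth_method", "")
    if method and method not in METHODS:
        findings.append(f"bad ldap_auth_method: {method}")
    if method == "sasl":
        findings.append("ldap_auth_method sasl is documented as not yet supported")
    for key in ("ldap_userscope", "ldap_groupscope"):
        if conf.get(key) and conf[key] not in SCOPES:
            findings.append(f"bad {key}: {conf[key]}")
    scheme = conf.get("ldap_uri", "").split(":", 1)[0].lower()
    if conf.get("ldap_uri") and scheme not in SCHEMES:
        findings.append(f"bad ldap_uri scheme: {scheme}")
    if method == "simple":
        # Assumption: bind DN and password are only needed for simple bind.
        findings += [f"missing for simple bind: {k}"
                     for k in ("ldap_auth_dn", "ldap_auth_pw") if not conf.get(k)]
        if scheme == "ldap":  # ldap:// has no transport encryption of its own
            findings.append("simple bind over ldap:// exposes ldap_auth_pw in transit; prefer ldaps or ldapi")
    return findings

# Sample input: the settings from Example 5.1 above, embedded so this runs offline.
SAMPLE = "\n".join([
    "ldap_uri = ldap://somehost:1234/", "ldap_auth_method = simple",
    "ldap_auth_dn = cn=admin,dc=domain,dc=org", "ldap_auth_pw = notthisone",
    "ldap_userbase = ou=users,dc=domain,dc=org", "ldap_userscope = one",
    "ldap_groupbase = ou=groups,dc=domain,dc=org", "ldap_groupscope = one",
    "ldap_uuid_attr = some_attribute", "ldap_name_attr = cn", "ldap_group_attr = cn",
])
if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)) or "no findings")
```

The file stores ldap_auth_pw in plaintext, so read access to it should be restricted as well.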