-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathldap-auth-utils.conf
105 lines (84 loc) · 2.54 KB
/
ldap-auth-utils.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
#
# ldap-auth-utils configuration file
#
#
# LDAP configuration
#
#
# Set administrator privileges
#
# on localhost with uid 0
LDAP_PRIV = -Y EXTERNAL -H ldapi:///
# with ldap manager privileges and other host
#LDAP_BIND_PW = @LDAPPW@
#LDAP_BIND_HOST = -H ldapi:///
#LDAP_PRIV = -D "@RDN@" -w "${LDAP_BIND_PW}" ${LDAP_BIND_HOST}
# Organization Unit(OU) name for ldap user/group entry
USER_DN = People
GROUP_DN = Group
#
# Account default informations
#
# Default group id
OPT_GID = 10000
# Default Shell
OPT_SHELL = /bin/bash
# Home directory prefix.
#
# Create with $OPT_HOME_PREFIX/_USER_NAME_
OPT_HOME_PREFIX = /home/ldapusers
# Default GECOS
OPT_GECOS = LDAP Users
# Default group member
# During the account registration, register the account to
# the member of a particular group. Use the white space, you
# can specify more than one.
OPT_GROUPS =
# Minimum UID value to be used in the LDAP
MIN_UID = 10000
# Minimum GID value to be used in the LDAP
MIN_GID = 10000
# Full name order
# SG SurName GivenName
# GS GivenName SurName
FULL_NAME_ORDER = GS
# Access host configuration
#
# Register the host to allow access with the FQDN. Use the white space, you
# can specify more than one. To grant access to all of the hosts, please
# register the "*".
OPT_HOSTS =
#
# Password configuration
#
# Specify the encryption method.
# support: md5, sha256, sha512
# default: sha512
#
# If there is a host that does not support sha512, please specify the md5
# for compatibility.
PASSWD_MECH = sha512
#
# Pasword expire configuration
#
# If the value is not specified, the value that is set to
# /etc/login.defs will be used.
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS = 90
PASS_MIN_DAYS = 0
PASS_WARN_AGE = 7
#
# Strength of password
#
# minimum length of password
PASS_MINLEN = 9
# Password complexity configuration [ 0 - 4 ]
#
# vSetting of the complexity of the password. Number of the character classes.
# Character class is upper case and lower case letters, numbers and special
# characters.
PASS_CLASSES = 3