Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

AUTOMX_LDAP(5)			    automx			AUTOMX_LDAP(5)

NAME
       automx_ldap - automx LDAP backend configuration parameters

DESCRIPTION
       The  automx_ldap(5)  man	 page  specifies  all  parameters that control
       access from within automx to a LDAP backend.

PARAMETERS
       authzid (no default)
	      Specifies the SASL proxy authorization identity.

       base (default: none)
	      Specifies the default base DN to use when performing ldap opera‐
	      tions.  The  base	 must  be specified as a Distinguished Name in
	      LDAP format.

       binddn (default: none)
	      Specifies the default bind DN to use when performing ldap opera‐
	      tions.  The bind DN must be specified as a Distinguished Name in
	      LDAP format.

       bindmethod (default: simple)
	      Specifies how authentication should take	place.	Valid  options
	      are  either  simple  for	a  simple bind or sasl for a bind that
	      requires SASL authentication.

       bindpw (default: none)
	      Specifies the password used when binddn identifies  itself  with
	      the LDAP server.

       cacert (default: none)
	      Specifies	 the  path to a file that contains all certificates of
	      Certification Authorities automx should trust.

       cert (default: none)
	      Specifies the path to a file that contains automx's certificate.

       cipher (default: TLSv1)
	      See ciphers(1) for a list of valid options.

       filter (default: (objectClass=*))
	      Specifies the search filter to select appropriate LDAP  objects.
	      The  filter  should  conform  to	the  string representation for
	      search filters as defined in RFC 4515.

	      NOTE:
		 See the section “Macros and Variables” in automx.conf(5)  for
		 a list of available query macros.

       host (default: ldap://127.0.0.1/)
	      Specifies	 one or more LDAP servers separated by commas as shown
	      in the following example:

		 host = ldap://127.0.0.1, ldap://192.168.2.1

	      IMPORTANT:
		 Subsequent servers to the first serve only for fallback  pur‐
		 poses, i.e. a server to the right will only be queried if the
		 server left to it cannot be  reached.	If  a  server  can  be
		 reached  no  further  attempts will be made regardless if the
		 query returned a result or not.

       key (default: none)
	      Specifies the path to a file that contains automx's private key,
	      which matches automx certificate given with cert.

       reqcert (default: never)
	      Specifies what checks to perform on server certificates in a TLS
	      session, if any. The <level> can be specified as one of the fol‐
	      lowing keywords:

	      never  The  client will not request or check any server certifi‐
		     cate. This is the default setting.

	      allow  The server certificate is requested. If no certificate is
		     provided,	the  session  proceeds normally. If a bad cer‐
		     tificate is provided, it will be ignored and the  session
		     proceeds normally.

	      try    The server certificate is requested. If no certificate is
		     provided, the session proceeds normally. If  a  bad  cer‐
		     tificate  is  provided, the session is immediately termi‐
		     nated.

	      demand These keywords are equivalent. The server certificate  is
		     requested.	 If  no certificate is provided, or a bad cer‐
		     tificate is provided, the session is  immediately	termi‐
		     nated.

       result_attrs (default: none)
	      If automx finds one or more entries, the attributes specified by
	      result_attrs are returned. If * is listed, all  user  attributes
	      are returned.

       saslmech (default: none)
	      Specifies the SASL mechanism to be used for authentication.

	      cram-md5
		     The  SASL cram-md5 mechanism (see: RFC 2195) will be used
		     to authenticate LDAP bind requests.

	      digest-md5
		     The SASL digest-md5 mechanism (see:  RFC  2831)  will  be
		     used to authenticate LDAP bind requests.

	      external
		     The  SASL external mechanism (see: RFC 4422) will be used
		     to authenticate LDAP bind requests.

	      gssapi The SASL gssapi mechanism (see: RFC 4752) will be used to
		     authenticate LDAP bind requests.

	      none   No	 SASL  mechanism will be use to authenticate LDAP bind
		     requests.

       scope (default: sub)
	      Specify the scope of the search to be one of  base  (or  exact),
	      one  (or onelevel), sub (or substree), to specify a base object,
	      one-level, or subtree search.

       usetls (default: false)
	      Specifies if automx should use TLS when it connects to the  LDAP
	      host.

AUTHORS
       Christian Roessner <cr@sys4.de>
	      Wrote the program.

       Patrick Ben Koetter <p@sys4.de>
	      Wrote the documentation.

SEE ALSO
       automx(8),     automx.conf(5),	  automx_ldap(5),    automx_script(5),
       automx_sql(5), automx-test(1)

COPYRIGHT
       This document has been placed in the public domain.

				  02/08/2013			AUTOMX_LDAP(5)

Vote for polarhome