diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-10-11 14:44:16 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-10-11 14:44:16 -0400 |
| commit | dc0749ecce232a5a68d83fbde965ee4ee8e36d00 (patch) | |
| tree | 9d9b3aa1ef09470553f1469f409803297e138b80 /config.default.php | |
| parent | cf6d4d1c0a04b5816865818b9b6ab121071b870f (diff) | |
Improve LDAP auth
Diffstat (limited to 'config.default.php')
| -rw-r--r-- | config.default.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/config.default.php b/config.default.php index 2b7da60d..38359d9c 100644 --- a/config.default.php +++ b/config.default.php @@ -72,20 +72,20 @@ define('LDAP_SERVER', ''); // LDAP server port (389 by default) define('LDAP_PORT', 389); -// By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification. +// By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification define('LDAP_SSL_VERIFY', true); // Enable LDAP START_TLS define('LDAP_START_TLS', false); -// LDAP bind type: "anonymous", "user" (use the given user/password from the form) and "proxy" (a specific user to browse the LDAP directory) +// LDAP bind type: "anonymous", "user" or "proxy" define('LDAP_BIND_TYPE', 'anonymous'); -// LDAP username to connect with. null for anonymous bind (by default). -// Or for user bind type, you can use a pattern: %s@kanboard.local +// LDAP username to use with proxy mode +// LDAP username pattern to use with user mode define('LDAP_USERNAME', null); -// LDAP password to connect with. null for anonymous bind (by default). +// LDAP password to use for proxy mode define('LDAP_PASSWORD', null); // LDAP account base, i.e. root of all user account @@ -97,10 +97,10 @@ define('LDAP_ACCOUNT_BASE', ''); // Example for OpenLDAP: 'uid=%s' define('LDAP_USER_PATTERN', ''); -// Name of an attribute of the user account object which should be used as the full name of the user. +// Name of an attribute of the user account object which should be used as the full name of the user define('LDAP_ACCOUNT_FULLNAME', 'displayname'); -// Name of an attribute of the user account object which should be used as the email of the user. +// Name of an attribute of the user account object which should be used as the email of the user define('LDAP_ACCOUNT_EMAIL', 'mail'); // Name of an attribute of the user account object which should be used as the id of the user. (optional) |