forked from getkaiwa/kaiwa-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
prosody-ldap.cfg.lua
70 lines (65 loc) · 2.86 KB
/
prosody-ldap.cfg.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
-- Use Include 'prosody-ldap.cfg.lua' from prosody.cfg.lua to include this file
authentication = 'ldap2' -- Indicate that we want to use LDAP for authentication
--storage = 'ldap' -- Indicate that we want to use LDAP for roster/vcard storage
storage = {
roster = "ldap";
vcard = "ldap";
archive2 = "sql2";
muc_log = "sql2";
}
ldap = {
hostname = '{{LDAP_HOST}}', -- LDAP server location
bind_dn = '{{LDAP_DN}}', -- Bind DN for LDAP authentication (optional if anonymous bind is supported)
bind_password = '{{LDAP_PWD}}', -- Bind password (optional if anonymous bind is supported)
user = {
basedn = 'ou=users,{{LDAP_BASE}}', -- The base DN where user records can be found
filter = '(&(objectClass=person)(!(uid=seven)))', -- Filter expression to find user records under basedn
usernamefield = 'uid', -- The field that contains the user's ID (this will be the username portion of the JID)
namefield = 'cn', -- The field that contains the user's full name (this will be the alias found in the roster)
},
groups = {
basedn = 'ou=groups,{{LDAP_BASE}}', -- The base DN where group records can be found
memberfield = 'member', -- The field that contains user ID records for this group (each member must have a corresponding entry under the user basedn with the same value in usernamefield)
namefield = 'cn', -- The field that contains the group's name (used for matching groups in LDAP to group definitions below)
{
name = 'GroupName', -- The group name that will be seen in users' rosters
cn = 'groupname', -- This field's key *must* match ldap.groups.namefield! It's the name of the LDAP group this definition represents
admin = false, -- (Optional) A boolean flag that indicates whether members of this group should be considered administrators.
},
{
name = 'admins',
cn = 'admins',
admin = true,
},
},
vcard_format = {
displayname = 'cn', -- Consult the vCard configuration section in the README
nickname = 'uid',
name = {
family = 'sn',
given = 'givenName',
},
photo = {
type = 'image/jpeg',
binval = 'jpegPhoto',
},
telephone = {
work = {
number = 'telephoneNumber',
}
},
address = {
work = {
street = 'street', -- street name
pcode = 'postalCode', -- postal code
locality = 'l', -- city name
ctry = 'c', -- country name
}
},
email = {
internet = {
userid = 'mail',
}
},
},
}