diff options
author | aschrijver <aschrijver@cvs.openbsd.org> | 2009-02-15 21:57:28 +0000 |
---|---|---|
committer | aschrijver <aschrijver@cvs.openbsd.org> | 2009-02-15 21:57:28 +0000 |
commit | 9da5c7bc18700bb012b5e5f1df44472176b24310 (patch) | |
tree | 746a28683d98cca976c608582378bf1f1f827a1e | |
parent | d6e05d5552931695131d21aaf127b6fc81654dc1 (diff) |
Change the full sample configuration into an use case.
-rw-r--r-- | usr.sbin/ypldap/ypldap.conf.5 | 23 |
1 files changed, 9 insertions, 14 deletions
diff --git a/usr.sbin/ypldap/ypldap.conf.5 b/usr.sbin/ypldap/ypldap.conf.5 index 838029f82f1..20300925e74 100644 --- a/usr.sbin/ypldap/ypldap.conf.5 +++ b/usr.sbin/ypldap/ypldap.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ypldap.conf.5,v 1.11 2008/11/17 13:22:10 mbalmer Exp $ +.\" $OpenBSD: ypldap.conf.5,v 1.12 2009/02/15 21:57:27 aschrijver Exp $ .\" .\" Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 17 2008 $ +.Dd $Mdocdate: February 15 2009 $ .Dt YPLDAP.CONF 5 .Os .Sh NAME @@ -145,25 +145,20 @@ Valid attributes are: .It Ic passwd filter Ar string Use the supplied LDAP filter to retrieve password entries. .El -.Sh EXAMPLE CONFIGURATION -.Bd -literal -offset indent -interval 300 # how many seconds between retries -domain "openbsd.org" # only one domain for now - -# what do we provide -provide map "passwd.byname" -provide map "passwd.byuid" -provide map "group.byname" -provide map "group.bygid" +.Sh DIRECTORY EXAMPLE +This configuration searches the LDAP directory 127.0.0.1 for users and groups. +On the LDAP side the RFC 2307 object classes posixAccount and posixGroup are used. +In this example the attributes are either mapped to their corresponding LDAP attributes or a fixed value. +A list directive is used for the groupmembers attribute because the ldap memberUid returns multiple group members. +.Bd -literal -offset indent directory "127.0.0.1" { # directory options - binddn "cn=Manager,dc=openbsd,dc=org" bindcred "secret" basedn "ou=Users,dc=openbsd,dc=org" - # passwd maps configuration + # passwd maps configuration passwd filter "(objectClass=posixAccount)" attribute name maps to "uid" |