summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoraschrijver <aschrijver@cvs.openbsd.org>2009-02-15 21:57:28 +0000
committeraschrijver <aschrijver@cvs.openbsd.org>2009-02-15 21:57:28 +0000
commit9da5c7bc18700bb012b5e5f1df44472176b24310 (patch)
tree746a28683d98cca976c608582378bf1f1f827a1e
parentd6e05d5552931695131d21aaf127b6fc81654dc1 (diff)
Change the full sample configuration into an use case.
-rw-r--r--usr.sbin/ypldap/ypldap.conf.523
1 files changed, 9 insertions, 14 deletions
diff --git a/usr.sbin/ypldap/ypldap.conf.5 b/usr.sbin/ypldap/ypldap.conf.5
index 838029f82f1..20300925e74 100644
--- a/usr.sbin/ypldap/ypldap.conf.5
+++ b/usr.sbin/ypldap/ypldap.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ypldap.conf.5,v 1.11 2008/11/17 13:22:10 mbalmer Exp $
+.\" $OpenBSD: ypldap.conf.5,v 1.12 2009/02/15 21:57:27 aschrijver Exp $
.\"
.\" Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: November 17 2008 $
+.Dd $Mdocdate: February 15 2009 $
.Dt YPLDAP.CONF 5
.Os
.Sh NAME
@@ -145,25 +145,20 @@ Valid attributes are:
.It Ic passwd filter Ar string
Use the supplied LDAP filter to retrieve password entries.
.El
-.Sh EXAMPLE CONFIGURATION
-.Bd -literal -offset indent
-interval 300 # how many seconds between retries
-domain "openbsd.org" # only one domain for now
-
-# what do we provide
-provide map "passwd.byname"
-provide map "passwd.byuid"
-provide map "group.byname"
-provide map "group.bygid"
+.Sh DIRECTORY EXAMPLE
+This configuration searches the LDAP directory 127.0.0.1 for users and groups.
+On the LDAP side the RFC 2307 object classes posixAccount and posixGroup are used.
+In this example the attributes are either mapped to their corresponding LDAP attributes or a fixed value.
+A list directive is used for the groupmembers attribute because the ldap memberUid returns multiple group members.
+.Bd -literal -offset indent
directory "127.0.0.1" {
# directory options
-
binddn "cn=Manager,dc=openbsd,dc=org"
bindcred "secret"
basedn "ou=Users,dc=openbsd,dc=org"
- # passwd maps configuration
+ # passwd maps configuration
passwd filter "(objectClass=posixAccount)"
attribute name maps to "uid"