SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from PLD openldap-2.0.27-1.i386.rpm

LDAP.CONF

Section: File Formats (5)
Updated: 20 August 2000
Index 

NAME

ldap.conf, .ldaprc - ldap configuration file 

SYNOPSIS

/etc/openldap/ldap.conf.ldaprc 

DESCRIPTION

Theldap.confconfiguration file is used to set system-wide defaults to be applied whenrunningldapclients. If the environment variable LDAPNOINIT is defined, alldefaulting is disabled.

Each user may specify an optional configuration file,.ldaprc,in his/her home directory which will be used to override the system-widedefaults file.

Additional configuration files can be specified usingthe LDAPCONF and LDAPRC environment variables.LDAPCONF may be set the path of a configuration file. Thispath can be absolute or relative to current working directory.The LDAPRC, if defined, should be a basename of a filein the current working directory or in the user's home directory.

Environmental variables may also be used to augment the file based defaults.The name of the option is the as listed but with a prefix of LDAP.For example, to define BASE via the environment, define the variableLDAPBASE to desired value.

Some options are user-only. Such options are ignored if presentin theldap.conf(or file specified byLDAPCONF). 

OPTIONS

The different configuration options are:
BASE <base>
Used to specify the default base DN to use when performing ldap operations.The base must be specified as a Distinguished Name in LDAP format.
BINDDN <dn>
Used to specify the default bind DN to use when performing ldap operations.The bind DN must be specified as a Distinguished Name in LDAP format.This is a user-only option.
HOST <name[:port] ...>
Used to specify the name(s) of an LDAP server(s) to which ldap library should connect to. Each server's name can be specified as adomain-style name or an IP address and optionally followed a ':' andthe port number the ldap server is listening on. A space separatedlisted of host may be provided.
PORT <port>
Used to specify the port used with connecting to LDAP servers(s).The port may be specified as a number.
SASL_SECPROPS <properties>
Used to specify Cyrus SASL security properties.Thenoneflag (without any other properities) causes the flag properitesdefaults ("noanonymous,noplain") to be cleared.Thenoplainflag disables mechanisms susceptible to simple passive attacks.Thenoactiveflag disables mechanisms susceptible to active attacks.Thenodictflag disables mechanisms susceptible to passive dictionary attacks.Thenoanonyousflag disables mechanisms which support anonymous login.Theforwardsecflag require forward secrecy between sessions.Thepasscredrequire mechanisms which pass client credentials (and allowmechanisms which can pass credentials to do so).Theminssf=<factor> property specifies the minimum acceptablesecurity strength factoras an integer approximate to effective key length used forencryption. 0 (zero) implies no protection, 1 implies integrityprotection only, 56 allows DES or other weak ciphers, 112allows triple DES and other strong ciphers, 128 allows RC4,Blowfish and other modern strong ciphers. The default is 0.Themaxssf=<factor> property specifies the maximum acceptablesecurity strength factoras an integer (see minssf description). The default is INT_MAX.Themaxbufsize=<factor> property specifies the maximum security layer receive buffersize allowed. 0 disables security layers. The default is 65536.
SIZELIMIT <integer>
Used to specify a size limit to use when performing searches. Thenumber should be an non-negative integer. SIZELIMIT of zero (0)specifies unlimited search size.
TIMELIMIT <integer>
Used to specify a time limit to use when performing searches. Thenumber should be an non-negative integer. TIMELIMIT of zero (0)specifies unlimited search time to be used.
DEREF <never|searching|finding|always>
Specify how aliases dereferencing is done. DEREF shouldbe set to one ofnever,always,search,or find to specify that aliases are never dereferenced, always dereferenced,dereferenced when searching, or dereferenced only when locating thebase object for the search. The default is to never dereference aliases.
 

FILES

/etc/openldap/ldap.conf

$HOME/.ldaprc

$CWD/.ldaprc 

SEE ALSO

ldap(3) 

AUTHOR

Kurt Zeilenga, The OpenLDAP Project 

ACKNOWLEDGEMENTS

is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).is derived from University of Michigan LDAP 3.3 Release.


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
FILES
SEE ALSO
AUTHOR
ACKNOWLEDGEMENTS

This document was created byman2html,using the manual pages.