...
Property | Value | ||
---|---|---|---|
ldap.servers | <ip address or hostname:port> | ||
ldap.ssl | <true or false> Set to true to use SSL connections against the LDAP server Default: false | ||
ldap.acceptedcertissuers | <List of filenames, separated by comma or semicolon> List of Root/CA certificates to trust when validating server certificates. Default: none | ||
ldap.verifysslcert | <true or false> Set to false to disable SSL server certificate validation - use if your ldap server has untrusted certificates installed.
Default: true | ||
ldap.connectiontimeout | <timeout in minutes> | ||
ldap.protocolVersion<2 or 3> - Default 2 | <userid> | ||
ldap.systempassword | <password> | ||
ldap.basedn | <DN name> The base DN to use when looking up in the LDAP server. This is the postfix used for all paths in the LDAP | ||
ldap.useridName | <attribute name> | ||
ldap.usersRDN | <RDN name> | ||
ldap.userattributes | <List of attributes – separated with comma or semicolon> | ||
ldap.stripdnfromuser | <true | false> - Default is false | ||
ldap.userObjectClass | <Object class name> Name of LDAP object class containing user records. Default is "person" | ||
ldap.groupObjectClass | <Object class name> Name of LDAP object class containing group records. Default is "group" | ||
ldap.groupMemberAttributeName | <Name of member attribute> - default is "member" (Note: requires minimum Ceptor v6.4.1) Allows you to change the member attribute name that is used when looking up group memberships in AD, if the memberOf attribute is not used on the user, of if it does not exist on a user record. In Active Directory, set this value to: "member:1.2.840.113556.1.4.1941:" to read all nested group memberships. | ||
ldap.group.name.is.cn | <true | false> - Default is false When reading LDAP group names, by default the name stored i the full unique name, the full DN of the group - e.g. CN=Administrators, OU=Groups, OU=organisation, OU=com - if this attribute is set, only the CN is kept and the rest is stripped. |
...