6cab7c3b96
- Configuration file is documented - Give more flexibility to the LDAP lookup - Various suggestions in errors to help new users
47 lines
1.7 KiB
YAML
47 lines
1.7 KiB
YAML
server:
|
|
|
|
# Indicate on which port the Identity Server will listen. This is an unencrypted port.
|
|
# HTTPS can be configured using Tomcat configuration properties.
|
|
port: 8090
|
|
|
|
# Realm under which this Identity Server is authoritative, e.g. domain name in e-mails.
|
|
# This is used in some recursive lookups to avoid endless loops and avoid bothering other Identity Servers.
|
|
name: 'example.org'
|
|
|
|
|
|
key:
|
|
|
|
# Where the Identity Server signing key will be stored.
|
|
#
|
|
# /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\
|
|
# /!\ CHANGE THIS TO A MORE PERMANENT LOCATION! /!\
|
|
# /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\
|
|
path: '/var/tmp/mxis-signing.key'
|
|
|
|
|
|
ldap:
|
|
host: 'localhost'
|
|
port: 389
|
|
bindDn: 'CN=Matrix Identity Server,CN=Users,DC=example,DC=org'
|
|
bindPassword: 'password'
|
|
baseDn: 'CN=Users,DC=example,DC=org'
|
|
query: '(|(mailPrimaryAddress=%3pid)(mail=%3pid)(otherMailbox=%3pid))'
|
|
|
|
# How should we resolve the Matrix ID in case of a match using the attribute.
|
|
#
|
|
# The following type are supported:
|
|
# - uid : the attribute only contains the UID part of the Matrix ID. e.g. 'john.doe' in @john.doe:example.org
|
|
# - mxid : the attribute contains the full Matrix ID - e.g. '@john.doe:example.org'
|
|
type: 'uid'
|
|
|
|
# The attribute containing the binding itself. This value will be used differently depending on the type.
|
|
#
|
|
# Typical values:
|
|
# - For type 'uid':
|
|
# - Samba/AD: sAMAccountName
|
|
# - LDAP: If someone knows the most appropriate value, please open an issue
|
|
#
|
|
# - For type 'mxid', regardless of the directory type, we recommend using 'pager' as it is a standard attribute but
|
|
# shouldn't be used in infrastructures.
|
|
attribute: 'sAMAccountName'
|