87 lines
4.1 KiB
Markdown
87 lines
4.1 KiB
Markdown
# AD/Samba/LDAP backend
|
|
## Configuration
|
|
### Structure and default values
|
|
```
|
|
ldap:
|
|
enabled: false
|
|
filter: ''
|
|
connection:
|
|
host: ''
|
|
tls: false
|
|
port: 389
|
|
bindDn: ''
|
|
bindPassword: ''
|
|
baseDn: ''
|
|
attribute:
|
|
uid:
|
|
type: 'uid'
|
|
value: 'userPrincipalName'
|
|
name: 'displayName'
|
|
threepid:
|
|
email:
|
|
- 'mailPrimaryAddress'
|
|
- 'mail'
|
|
- 'otherMailbox'
|
|
msisdn:
|
|
- 'telephoneNumber'
|
|
- 'mobile'
|
|
- 'homePhone'
|
|
- 'otherTelephone'
|
|
- 'otherMobile'
|
|
- 'otherHomePhone'
|
|
auth:
|
|
filter: ''
|
|
directory:
|
|
attribute:
|
|
other: []
|
|
filter: ''
|
|
identity:
|
|
filter: ''
|
|
medium:
|
|
email: ''
|
|
msisdn: ''
|
|
```
|
|
### General
|
|
| Item | Description |
|
|
|-----------|-------------------------------------------------------------------------------------------|
|
|
| `enabled` | Globaly enable/disable the LDAP backend |
|
|
| `filter` | Global filter to apply on all LDAP queries. Can be overwritten in each applicable section |
|
|
|
|
### Connection
|
|
| Item | Description |
|
|
|----------------|------------------------------------------------------|
|
|
| `host` | Host to connect to |
|
|
| `port` | Port to use |
|
|
| `tls` | boolean to use TLS or not (STARTLS is not supported) |
|
|
| `bindDn` | Bind DN for authentication |
|
|
| `bindPassword` | Bind password |
|
|
| `baseDn` | Base DN for queries |
|
|
|
|
### Attributes
|
|
| Item | Description |
|
|
|-------------|------------------------------------------------------------------------------------------------------------------------|
|
|
| `uid.type` | Indicate how to process the User ID (UID) attribute: |
|
|
| | - `uid` will consider the value as the [Localpart](https://matrix.org/docs/spec/intro.html#user-identifiers) |
|
|
| | - `mxid` will consider the value as a complete [Matrix ID](https://matrix.org/docs/spec/intro.html#user-identifiers) |
|
|
| `uid.value` | Attribute name refering to the User ID. This is typically `userPrincipalName` on AD/Samba setups and `uid` in LDAP |
|
|
| `name` | Attribute name that contains the [Display Name](https://matrix.org/docs/spec/intro.html#profiles) of the user |
|
|
| `threepid` | Namespace where each key is a 3PID type and contains a list of attributes |
|
|
|
|
### Authentication
|
|
| Item | Description |
|
|
|----------|--------------------------------------------------------------------------------------------------|
|
|
| `filter` | Specific user filter applied during authentication. Global filter is used if empty/blank/not set |
|
|
|
|
### Directory
|
|
| Item | Description |
|
|
|-------------------|---------------------------------------------------------------------|
|
|
| `attribute.other` | Additional attributes to be used when performing directory searches |
|
|
| `filter` | Specific user filter applied during directory search. |
|
|
| | Global filter is used if empty/blank/not set |
|
|
|
|
### Identity
|
|
| Item | Description |
|
|
|----------|---------------------------------------------------------------------------------------------------|
|
|
| `filter` | Specific user filter applied during identity search. Global filter is used if empty/blank/not set |
|
|
| `medium` | Namespace to overwrite generated queries from the list of attributes for each 3PID medium |
|