<IfDefine HAVE_LDAP> <IfModule !util_ldap.c> LoadModule ldap_module modules/mod_ldap.so </IfModule> </IfDefine> <IfModule util_ldap.c> # LDAPSharedCacheSize - Set the size of the shared memory cache (in bytes). Use 0 to # disable the shared memory cache. (default: 100000) LDAPSharedCacheSize 102400 # LDAPSharedCacheFile - Set the file name for the shared memory cache. LDAPSharedCacheFile /var/cache/httpd/mod_ldap_cache # LDAPCacheEntries - Set the maximum number of entries that are possible in the LDAP # search cache. Use 0 for no limit. -1 disables the cache. (default: 1024) LDAPCacheEntries 1024 # LDAPCacheTTL - Set the maximum time (in seconds) that an item can be cached in the # LDAP search cache. Use 0 for no limit. (default 600) LDAPCacheTTL 600 # LDAPOpCacheEntries - Set the maximum number of entries that are possible in the # LDAP compare cache. Use 0 for no limit. Use -1 to disable the cache. (default: 1024) LDAPOpCacheEntries 1024 # LDAPOpCacheTTL - Set the maximum time (in seconds) that an item is cached in the # LDAP operation cache. Use 0 for no limit. (default: 600) LDAPOpCacheTTL 600 # LDAPTrustedGlobalCert - Takes three args; the file and/or directory containing the # trusted CA certificates (and global client certs for Netware) used to validate the # LDAP server. Second arg is the cert type for the first arg, one of CA_DER, CA_BASE64, # CA_CERT7_DB, CA_SECMOD, CERT_DER, CERT_BASE64, CERT_KEY3_DB, CERT_NICKNAME, KEY_DER, # or KEY_BASE64. Third arg is an optional passphrase if applicable. #LDAPTrustedGlobalCert # LDAPTrustedClientCert - Takes three args; the file and/or directory containing the # client certificate, or certificate ID used to validate this LDAP client. Second arg # is the cert type for the first arg, one of CA_DER, CA_BASE64, CA_CERT7_DB, CA_SECMOD, # CERT_DER, CERT_BASE64, CERT_KEY3_DB, CERT_NICKNAME, KEY_DER, or KEY_BASE64. Third arg # is an optional passphrase if applicable. #LDAPTrustedClientCert # LDAPTrustedMode - Specify the type of security that should be applied to an LDAP # connection. One of; NONE, SSL or STARTTLS. #LDAPTrustedMode # LDAPVerifyServerCert - Set to 'ON' requires that the server certificate be verified # before a secure LDAP connection can be establish. Default 'ON' #LDAPVerifyServerCert <Location /ldap-status> SetHandler ldap-status Order deny,allow Deny from all Allow from 127.0.0.1 </Location> </IfModule>