<IfDefine HAVE_PSLDAP> <IfModule !mod_psldap.c> LoadModule psldap_module extramodules/mod_psldap.so </IfModule> </IfDefine> <IfModule mod_psldap.c> # PsLDAPEnableAuth - Flag to enable / disable authentication. # # PsLDAPEnableAuthz - Flag to enable / disable authorization. # # PsLDAPHosts - List of LDAP hosts which should be queried # # PsLDAPBindDN - DN used to bind to the LDAP directory, if binding # with provided credentials is not desired. This value is also # used to initially bind to acquire the DN of the authenticating # user. If this is unset, the value for PsLDAPBindMethod is forced # to 'none' # # PsLDAPBindPassword - The password corresponding to PsLDAPBindDN # # PsLDAPBaseDN - The DN in the LDAP directory which contains the # per-user subnodes # # PsLDAPUserKey - The key in the directory whose value contains # the username provided with the authentication credentials # # PsLDAPPassKey - The key in the directory whose value contains # the password provided with the authentication credentials # # PsLDAPGroupKey - The key in the directory whose value contains # the groups in which the user maintains membership # # PsLDAPAuthFilter - Additional LDAP filters to be applied when # identifying the user for authentication. # # PsLDAPUserGroupAttr - The LDAP schema attribute of the user # which is used to identify the user as a group member. Default # value is 'dn'. # # PsLDAPGroupMemberAttr - The LDAP schema attribute of the group # object used to identify each user in the LDAP group. Default # value is 'uniqueMember'. # # PsLDAPGroupNameAttr - The LDAP schema attribute of the group # object used to uniquely identify the group. Default value is # 'cn'. # # PsLDAPSearchScope - Set Scope when searching in LDAP. Can be # 'base', 'onelevel', or 'subtree' # # PsLDAPAuthoritative - Set to 'off' to allow control to be passed # on, if the user is unknown to this module # # PsLDAPUseLDAPGroups - Set to 'on' to lookup the user's group # using LDAP groups rather than using an LDAP user record's # attribute to identify the group directly. Default value is # 'off'. # # PsLDAPAuthSimple - Set to 'on' if authentication is to be # performed by acquiring an attribute from the LDAP server with # the configured credentials. # # PsLDAPAuthExternal - Set to 'on' if authentication is to be # performed by binding with the user provided credentials # # PsLDAPAuthUseCache - Set to 'on' if authentication will check # the cache prior to querying the LDAP server # # PsLDAPUseSession - Set to 'on' if session information is to # persist to LDAP server and session id is to be saved to the # cookie # # PsLDAPSessionTimeout - Set to the number of seconds of # inactivity permitted in an active session. Sessions extending # beyond this period will be terminated on the server. Default # value is 1 hour or 3600 seconds. # # PsLDAPBindMethod - Set to 'none', 'simple', 'sasl', 'krbv41', or # 'krbv42' to determine binding to server # # PsLDAPSecureAuthCookie - Set to 'off' if cookies are allowed to # be sent across an unsecure connection # # PsLDAPAuthCookieDomain - Set to a domain string if cookies are # allowed to be used across servers in a domain # # PsLDAPCryptPasswords - Set to 'on' if the LDAP server maintains # crypted password strings # # PsLDAPSchemePrefix - Set to 'on' if the LDAP server maintains # scheme-prefixed password strings as described in rfc2307 # # PsLDAPCredentialForm - The URI containing the form to capture # the user's credentials. # # PsLDAPConnectVersion - The connection version for the ldap # server. Default value is 2 </IfModule>