openldap2/sysconfig.openldap

159 lines
4.5 KiB
Plaintext
Raw Normal View History

## Path: Network/LDAP
## Description: Basic Configuration of the OpenLDAP Directory Server
## Type: yesno
## Default: yes
## ServiceRestart: ldap
#
# If set to "no" the LDAP server will not accept any "normal" LDAP connections
# but just connections over "ldaps" or "ldapi". Setting this to "no" does only
# make sense when either OPENLDAP_START_LDAPS or OPENLDAP_START_LDAPI is set
# "yes".
#
OPENLDAP_START_LDAP="yes"
## Type: yesno
## Default: no
## ServiceRestart: ldap
#
# If set to "yes" the "ldap over ssl" feature of slapd will be enabled. Don't
# forget to add the "TLSCertificateFile" and "TLSCertificateKeyFile" options
# to the /etc/openldap/slapd.conf (man slapd.conf).
# Note: Don't confuse this with "START_TLS", the preferred method for
# making encrypted LDAP connections, which is enabled as soon as You
# specify "TLSCertificateFile" and "TLSCertificateKeyFile" in your config
# file
#
OPENLDAP_START_LDAPS="no"
## Type: yesno
## Default: no
## ServiceRestart: ldap
#
# If set to "yes", "ldap over IPC" feature of slapd will be enabled.
# The ldap server creates a Unix domain socket as /var/run/slapd/ldapi.
# Default: no
#
OPENLDAP_START_LDAPI="yes"
## Type: string
## Default: ""
## ServiceRestart: ldap
#
# If not empty, additional parameters for slapd daemon.
# Default: ""
#
OPENLDAP_SLAPD_PARAMS=""
## Type: string
## Default: ldap
## ServiceRestart: ldap
#
# specifies a user, as which the openldap server should be executed
# Default: ldap
#
OPENLDAP_USER="ldap"
## Type: string
## Default: ldap
## ServiceRestart: ldap
#
# specifies a group, as which the openldap server should be executed
# Default: ldap
#
OPENLDAP_GROUP="ldap"
## Type: yesno
## Default: yes
## ServiceRestart: ldap
#
# If set to "yes" the init scripts will change the owner/group of the
# different backend database directories (e.g. /var/lib/ldap) to the
# user/group specified above
#
OPENLDAP_CHOWN_DIRS="yes"
## Type: string
## Default: ""
## ServiceRestart: ldap
#
# Use this to specify the interfaces that the server such accept
# LDAP connections from. The values are specified in the format
# <address>:<port>, where address is an IP address and port is the
# portnumber, the daemon should listen to (defaulting to 389). If this
# parameter is empty the server will attach to all interfaces. This
# parameter is only evaluated if "OPENLDAP_START_LDAP" is set to
# "yes"
# Default: ""
#
OPENLDAP_LDAP_INTERFACES=""
## Type: string
## Default: ""
## ServiceRestart: ldap
#
# Use this to specify the interfaces that the server such accept
# LDAPS connections from. The values are specified in the format
# <address>:<port>, where address is an IP address and port is the
# portnumber, the daemon should listen to (defaulting to 636). If this
# parameter is empty the server will attach to all interfaces. This
# parameter is only evaluated if "OPENLDAP_START_LDAPS" is set to
# "yes"
# Default: ""
#
OPENLDAP_LDAPS_INTERFACES=""
## Type: string
## Default: ""
## ServiceRestart: ldap
#
# Use this to specify the paths of the Unix Domain Sockets that
# the server should create an accept incoming LDAPI connections
# on. This parameter is only evaluated if "OPENLDAP_START_LDAPI"
# is set to "yes".
# Default: ""
#
OPENLDAP_LDAPI_INTERFACES=""
## Type: yesno
## Default: "yes"
## ServiceRestart: ldap
#
# If set to "no" the LDAP server will not try itself at a running SLP
# daemon.
# Default: "yes"
#
OPENLDAP_REGISTER_SLP="no"
## Type: string
## Default: ""
## ServiceRestart: ldap
#
# Set this to the name of the keytab, if you want to use a non-default
# Kerberos Keytab. If OPENLDAP_CHOWN_DIRS is set to "yes" the permissions of
# this file will be changed so that the group OPENLDAP_GROUP has read
# access to the file.
# Example: OPENLDAP_KRB5_KEYTAB="FILE:/etc/openldap/krb5.keytab
# Default: ""
#
OPENLDAP_KRB5_KEYTAB=""
## Type: string
## Default: "files"
## ServiceRestart: ldap
#
# Here you can configure which of the configuration backends you want to
# use. Possible values are "files" for slapd.conf(5) styleconfiguration or
# "ldap" for the slapd-config(5) LDAP based configuration backend.
#
OPENLDAP_CONFIG_BACKEND="files"
## Type: yesno
## Default: "yes"
## ServiceRestart: ldap
#
# Here you can configure if the slapd shall start with or without memory limit.
#
OPENLDAP_MEMORY_LIMIT="yes"