Create a simple wmde config file
This commit is contained in:
parent
de5378be34
commit
4e157077b2
|
@ -66,6 +66,11 @@ class wmdeit_ldap::lam(
|
||||||
ensure => file,
|
ensure => file,
|
||||||
content => template("wmdeit_ldap/lam-config.cfg.erb"),
|
content => template("wmdeit_ldap/lam-config.cfg.erb"),
|
||||||
owner => "www-data",
|
owner => "www-data",
|
||||||
|
} ->
|
||||||
|
file {"$docroot/config/wmde.conf":
|
||||||
|
ensure => file,
|
||||||
|
content => template("wmdeit_ldap/wmde.conf.erb"),
|
||||||
|
owner => "www-data",
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,270 @@
|
||||||
|
# LDAP Account Manager configuration
|
||||||
|
#
|
||||||
|
# Please do not modify this file manually. The configuration can be done completely by the LAM GUI.
|
||||||
|
#
|
||||||
|
###################################################################################################
|
||||||
|
|
||||||
|
# server address (e.g. ldap://localhost:389 or ldaps://localhost:636)
|
||||||
|
ServerURL: ldap://localhost:389
|
||||||
|
|
||||||
|
# list of users who are allowed to use LDAP Account Manager
|
||||||
|
# names have to be seperated by semicolons
|
||||||
|
# e.g. admins: cn=admin,dc=yourdomain,dc=org;cn=root,dc=yourdomain,dc=org
|
||||||
|
Admins: cn=admin,dc=wikimedia,dc=de
|
||||||
|
|
||||||
|
# password to change these preferences via webfrontend (default: lam)
|
||||||
|
Passwd: {SSHA}T7uRmkbOgzr9k0BVJi1GvqqwJJQ= iaZAeQ==
|
||||||
|
|
||||||
|
# suffix of tree view
|
||||||
|
# e.g. dc=yourdomain,dc=org
|
||||||
|
treesuffix: dc=wikimedia,dc=de
|
||||||
|
|
||||||
|
# default language (a line from config/language)
|
||||||
|
defaultLanguage: en_GB.utf8
|
||||||
|
|
||||||
|
# Path to external Script
|
||||||
|
scriptPath:
|
||||||
|
|
||||||
|
# Server of external Script
|
||||||
|
scriptServer:
|
||||||
|
|
||||||
|
# Access rights for home directories
|
||||||
|
scriptRights: 750
|
||||||
|
|
||||||
|
# Number of minutes LAM caches LDAP searches.
|
||||||
|
cachetimeout: 5
|
||||||
|
|
||||||
|
# LDAP search limit.
|
||||||
|
searchLimit: 1000
|
||||||
|
|
||||||
|
# Module settings
|
||||||
|
|
||||||
|
modules: posixAccount_user_minUID: 10000
|
||||||
|
modules: posixAccount_user_maxUID: 30000
|
||||||
|
modules: posixGroup_group_minGID: 10000
|
||||||
|
modules: posixGroup_group_maxGID: 20000
|
||||||
|
modules: posixAccount_pwdHash: SSHA
|
||||||
|
|
||||||
|
# List of active account types.
|
||||||
|
activeTypes: user,group
|
||||||
|
|
||||||
|
|
||||||
|
types: suffix_user: ou=People,dc=wikimedia,dc=de
|
||||||
|
types: attr_user: #uid;#givenName;#sn;#uidNumber;#gidNumber
|
||||||
|
types: modules_user: inetOrgPerson,posixAccount,shadowAccount
|
||||||
|
|
||||||
|
types: suffix_group: ou=group,dc=wikimedia,dc=de
|
||||||
|
types: attr_group: #cn;#gidNumber;#memberUID;#description
|
||||||
|
types: modules_group: posixGroup
|
||||||
|
|
||||||
|
# Password mail subject
|
||||||
|
lamProMailSubject: Your password was reset
|
||||||
|
|
||||||
|
# Password mail text
|
||||||
|
lamProMailText: Dear @@givenName@@ @@sn@@,+::++::+your password was reset to: @@newPassword@@+::++::++::+Best regards+::++::+deskside support+::+
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
serverDisplayName:
|
||||||
|
|
||||||
|
|
||||||
|
# enable TLS encryption
|
||||||
|
useTLS: no
|
||||||
|
|
||||||
|
|
||||||
|
# follow referrals
|
||||||
|
followReferrals: false
|
||||||
|
|
||||||
|
|
||||||
|
# paged results
|
||||||
|
pagedResults: false
|
||||||
|
|
||||||
|
referentialIntegrityOverlay: false
|
||||||
|
|
||||||
|
|
||||||
|
# time zone
|
||||||
|
timeZone: Europe/London
|
||||||
|
|
||||||
|
scriptUserName:
|
||||||
|
|
||||||
|
scriptSSHKey:
|
||||||
|
|
||||||
|
scriptSSHKeyPassword:
|
||||||
|
|
||||||
|
|
||||||
|
# Access level for this profile.
|
||||||
|
accessLevel: 100
|
||||||
|
|
||||||
|
|
||||||
|
# Login method.
|
||||||
|
loginMethod: list
|
||||||
|
|
||||||
|
|
||||||
|
# Search suffix for LAM login.
|
||||||
|
loginSearchSuffix: dc=yourdomain,dc=org
|
||||||
|
|
||||||
|
|
||||||
|
# Search filter for LAM login.
|
||||||
|
loginSearchFilter: uid=%USER%
|
||||||
|
|
||||||
|
|
||||||
|
# Bind DN for login search.
|
||||||
|
loginSearchDN:
|
||||||
|
|
||||||
|
|
||||||
|
# Bind password for login search.
|
||||||
|
loginSearchPassword:
|
||||||
|
|
||||||
|
|
||||||
|
# HTTP authentication for LAM login.
|
||||||
|
httpAuthentication: false
|
||||||
|
|
||||||
|
|
||||||
|
# Password mail from
|
||||||
|
lamProMailFrom:
|
||||||
|
|
||||||
|
|
||||||
|
# Password mail reply-to
|
||||||
|
lamProMailReplyTo:
|
||||||
|
|
||||||
|
|
||||||
|
# Password mail is HTML
|
||||||
|
lamProMailIsHTML: false
|
||||||
|
|
||||||
|
|
||||||
|
# Allow alternate address
|
||||||
|
lamProMailAllowAlternateAddress: true
|
||||||
|
|
||||||
|
jobsBindPassword:
|
||||||
|
|
||||||
|
jobsBindUser:
|
||||||
|
|
||||||
|
jobsDatabase:
|
||||||
|
|
||||||
|
jobsDBHost:
|
||||||
|
|
||||||
|
jobsDBPort:
|
||||||
|
|
||||||
|
jobsDBUser:
|
||||||
|
|
||||||
|
jobsDBPassword:
|
||||||
|
|
||||||
|
jobsDBName:
|
||||||
|
|
||||||
|
jobToken: 682084386696
|
||||||
|
|
||||||
|
pwdResetAllowSpecificPassword: true
|
||||||
|
|
||||||
|
pwdResetAllowScreenPassword: true
|
||||||
|
|
||||||
|
pwdResetForcePasswordChange: true
|
||||||
|
|
||||||
|
pwdResetDefaultPasswordOutput: 2
|
||||||
|
|
||||||
|
twoFactorAuthentication: none
|
||||||
|
|
||||||
|
twoFactorAuthenticationURL: https://localhost
|
||||||
|
|
||||||
|
twoFactorAuthenticationClientId:
|
||||||
|
|
||||||
|
twoFactorAuthenticationSecretKey:
|
||||||
|
|
||||||
|
twoFactorAuthenticationDomain:
|
||||||
|
|
||||||
|
twoFactorAuthenticationInsecure:
|
||||||
|
|
||||||
|
twoFactorAuthenticationLabel:
|
||||||
|
|
||||||
|
twoFactorAuthenticationOptional:
|
||||||
|
|
||||||
|
twoFactorAuthenticationCaption:
|
||||||
|
|
||||||
|
twoFactorAuthenticationAttribute:
|
||||||
|
tools: tool_hide_ImportExport: false
|
||||||
|
tools: tool_hide_toolTests: false
|
||||||
|
tools: tool_hide_toolProfileEditor: false
|
||||||
|
tools: tool_hide_toolMultiEdit: false
|
||||||
|
tools: tool_hide_toolOUEditor: false
|
||||||
|
tools: tool_hide_toolFileUpload: false
|
||||||
|
tools: tool_hide_toolPDFEditor: false
|
||||||
|
tools: tool_hide_toolWebauthn: false
|
||||||
|
tools: tool_hide_toolSchemaBrowser: false
|
||||||
|
tools: tool_hide_toolServerInformation: false
|
||||||
|
modules: posixGroup_group_gidGenerator: range
|
||||||
|
modules: posixGroup_group_hidememberUid: false
|
||||||
|
modules: posixAccount_user_uidGeneratorUsers: range
|
||||||
|
modules: posixAccount_user_userNameSuggestion: @givenname@%sn%
|
||||||
|
modules: posixAccount_user_hidegecos: false
|
||||||
|
modules: posixAccount_user_hidepassword: false
|
||||||
|
modules: posixAccount_shells: /bin/bash+::+/bin/csh+::+/bin/dash+::+/bin/false+::+/bin/ksh+::+/bin/sh
|
||||||
|
modules: posixAccount_primaryGroupAsSecondary: false
|
||||||
|
modules: inetOrgPerson_hideDescription: false
|
||||||
|
modules: inetOrgPerson_hideStreet: false
|
||||||
|
modules: inetOrgPerson_hidePostOfficeBox: false
|
||||||
|
modules: inetOrgPerson_hidePostalCode: false
|
||||||
|
modules: inetOrgPerson_hideLocation: false
|
||||||
|
modules: inetOrgPerson_hideState: false
|
||||||
|
modules: inetOrgPerson_hidePostalAddress: false
|
||||||
|
modules: inetOrgPerson_hideRegisteredAddress: false
|
||||||
|
modules: inetOrgPerson_hideOfficeName: false
|
||||||
|
modules: inetOrgPerson_hideRoomNumber: false
|
||||||
|
modules: inetOrgPerson_hideTelephoneNumber: false
|
||||||
|
modules: inetOrgPerson_hideHomeTelephoneNumber: false
|
||||||
|
modules: inetOrgPerson_hideMobileNumber: false
|
||||||
|
modules: inetOrgPerson_hideFaxNumber: false
|
||||||
|
modules: inetOrgPerson_hidePager: true
|
||||||
|
modules: inetOrgPerson_hideEMailAddress: false
|
||||||
|
modules: inetOrgPerson_hideJobTitle: false
|
||||||
|
modules: inetOrgPerson_hideCarLicense: false
|
||||||
|
modules: inetOrgPerson_hideEmployeeType: false
|
||||||
|
modules: inetOrgPerson_hideBusinessCategory: false
|
||||||
|
modules: inetOrgPerson_hideDepartments: false
|
||||||
|
modules: inetOrgPerson_hideManager: false
|
||||||
|
modules: inetOrgPerson_hideOu: false
|
||||||
|
modules: inetOrgPerson_hideO: false
|
||||||
|
modules: inetOrgPerson_hideEmployeeNumber: false
|
||||||
|
modules: inetOrgPerson_hideInitials: false
|
||||||
|
modules: inetOrgPerson_hideLabeledURI: false
|
||||||
|
modules: inetOrgPerson_hideuserCertificate: false
|
||||||
|
modules: inetOrgPerson_hidejpegPhoto: false
|
||||||
|
modules: inetOrgPerson_hidedisplayName: true
|
||||||
|
modules: inetOrgPerson_addAddressbook: false
|
||||||
|
modules: inetOrgPerson_readOnly_businessCategory: false
|
||||||
|
modules: inetOrgPerson_readOnly_carLicense: false
|
||||||
|
modules: inetOrgPerson_readOnly_cn: false
|
||||||
|
modules: inetOrgPerson_readOnly_departmentNumber: false
|
||||||
|
modules: inetOrgPerson_readOnly_description: false
|
||||||
|
modules: inetOrgPerson_readOnly_mail: false
|
||||||
|
modules: inetOrgPerson_readOnly_employeeNumber: false
|
||||||
|
modules: inetOrgPerson_readOnly_employeeType: false
|
||||||
|
modules: inetOrgPerson_readOnly_facsimileTelephoneNumber: false
|
||||||
|
modules: inetOrgPerson_readOnly_givenName: false
|
||||||
|
modules: inetOrgPerson_readOnly_homePhone: false
|
||||||
|
modules: inetOrgPerson_readOnly_initials: false
|
||||||
|
modules: inetOrgPerson_readOnly_title: false
|
||||||
|
modules: inetOrgPerson_readOnly_sn: false
|
||||||
|
modules: inetOrgPerson_readOnly_l: false
|
||||||
|
modules: inetOrgPerson_readOnly_manager: false
|
||||||
|
modules: inetOrgPerson_readOnly_mobile: false
|
||||||
|
modules: inetOrgPerson_readOnly_physicalDeliveryOfficeName: false
|
||||||
|
modules: inetOrgPerson_readOnly_o: false
|
||||||
|
modules: inetOrgPerson_readOnly_ou: false
|
||||||
|
modules: inetOrgPerson_readOnly_pager: false
|
||||||
|
modules: inetOrgPerson_readOnly_userPassword: false
|
||||||
|
modules: inetOrgPerson_readOnly_jpegPhoto: false
|
||||||
|
modules: inetOrgPerson_readOnly_postOfficeBox: false
|
||||||
|
modules: inetOrgPerson_readOnly_postalAddress: false
|
||||||
|
modules: inetOrgPerson_readOnly_postalCode: false
|
||||||
|
modules: inetOrgPerson_readOnly_registeredAddress: false
|
||||||
|
modules: inetOrgPerson_readOnly_roomNumber: false
|
||||||
|
modules: inetOrgPerson_readOnly_st: false
|
||||||
|
modules: inetOrgPerson_readOnly_street: false
|
||||||
|
modules: inetOrgPerson_readOnly_telephoneNumber: false
|
||||||
|
modules: inetOrgPerson_readOnly_uid: false
|
||||||
|
modules: inetOrgPerson_readOnly_labeledURI: false
|
||||||
|
types: customLabel_user:
|
||||||
|
types: filter_user:
|
||||||
|
types: customLabel_group:
|
||||||
|
types: filter_group:
|
||||||
|
types: hidden_user:
|
||||||
|
types: hidden_group:
|
Loading…
Reference in New Issue