# LDAP Account Manager configuration # # Please do not modify this file manually. The configuration can be done completely by the LAM GUI. # ################################################################################################### # server address (e.g. ldap://localhost:389 or ldaps://localhost:636) ServerURL: ldap://localhost:389 # list of users who are allowed to use LDAP Account Manager # names have to be seperated by semicolons # e.g. admins: cn=admin,dc=yourdomain,dc=org;cn=root,dc=yourdomain,dc=org Admins: cn=admin,dc=wikimedia,dc=de # password to change these preferences via webfrontend (default: lam) #Passwd: {SSHA}T7uRmkbOgzr9k0BVJi1GvqqwJJQ= iaZAeQ== Passwd: {SSHA}<%= @encoded_password %> <%= @encoded_password_salt %> # suffix of tree view # e.g. dc=yourdomain,dc=org treesuffix: dc=wikimedia,dc=de # default language (a line from config/language) defaultLanguage: en_GB.utf8 # Path to external Script scriptPath: # Server of external Script scriptServer: # Access rights for home directories scriptRights: 750 # Number of minutes LAM caches LDAP searches. cachetimeout: 5 # LDAP search limit. searchLimit: 1000 # Module settings modules: posixAccount_user_minUID: 10000 modules: posixAccount_user_maxUID: 30000 modules: posixGroup_group_minGID: 10000 modules: posixGroup_group_maxGID: 20000 modules: posixAccount_pwdHash: SSHA # List of active account types. activeTypes: user,group types: suffix_user: ou=People,dc=wikimedia,dc=de types: attr_user: #uid;#givenName;#sn;#uidNumber;#gidNumber types: modules_user: inetOrgPerson,posixAccount,shadowAccount types: suffix_group: ou=group,dc=wikimedia,dc=de types: attr_group: #cn;#gidNumber;#memberUID;#description types: modules_group: wmdeGroup # Password mail subject lamProMailSubject: Your password was reset # Password mail text lamProMailText: Dear @@givenName@@ @@sn@@,+::++::+your password was reset to: @@newPassword@@+::++::++::+Best regards+::++::+deskside support+::+ serverDisplayName: # enable TLS encryption useTLS: no # follow referrals followReferrals: false # paged results pagedResults: false referentialIntegrityOverlay: false # time zone timeZone: Europe/London scriptUserName: scriptSSHKey: scriptSSHKeyPassword: # Access level for this profile. accessLevel: 100 # Login method. loginMethod: list # Search suffix for LAM login. loginSearchSuffix: dc=yourdomain,dc=org # Search filter for LAM login. loginSearchFilter: uid=%USER% # Bind DN for login search. loginSearchDN: # Bind password for login search. loginSearchPassword: # HTTP authentication for LAM login. httpAuthentication: false # Password mail from lamProMailFrom: # Password mail reply-to lamProMailReplyTo: # Password mail is HTML lamProMailIsHTML: false # Allow alternate address lamProMailAllowAlternateAddress: true jobsBindPassword: jobsBindUser: jobsDatabase: jobsDBHost: jobsDBPort: jobsDBUser: jobsDBPassword: jobsDBName: jobToken: 682084386696 pwdResetAllowSpecificPassword: true pwdResetAllowScreenPassword: true pwdResetForcePasswordChange: true pwdResetDefaultPasswordOutput: 2 twoFactorAuthentication: none twoFactorAuthenticationURL: https://localhost twoFactorAuthenticationClientId: twoFactorAuthenticationSecretKey: twoFactorAuthenticationDomain: twoFactorAuthenticationInsecure: twoFactorAuthenticationLabel: twoFactorAuthenticationOptional: twoFactorAuthenticationCaption: twoFactorAuthenticationAttribute: tools: tool_hide_ImportExport: false tools: tool_hide_toolTests: false tools: tool_hide_toolProfileEditor: false tools: tool_hide_toolMultiEdit: false tools: tool_hide_toolOUEditor: false tools: tool_hide_toolFileUpload: false tools: tool_hide_toolPDFEditor: false tools: tool_hide_toolWebauthn: false tools: tool_hide_toolSchemaBrowser: false tools: tool_hide_toolServerInformation: false modules: posixGroup_group_gidGenerator: range modules: posixGroup_group_hidememberUid: false modules: posixAccount_user_uidGeneratorUsers: range modules: posixAccount_user_userNameSuggestion: @givenname@%sn% modules: posixAccount_user_hidegecos: false modules: posixAccount_user_hidepassword: false modules: posixAccount_shells: /bin/bash+::+/bin/csh+::+/bin/dash+::+/bin/false+::+/bin/ksh+::+/bin/sh modules: posixAccount_primaryGroupAsSecondary: false modules: inetOrgPerson_hideDescription: false modules: inetOrgPerson_hideStreet: false modules: inetOrgPerson_hidePostOfficeBox: false modules: inetOrgPerson_hidePostalCode: false modules: inetOrgPerson_hideLocation: false modules: inetOrgPerson_hideState: false modules: inetOrgPerson_hidePostalAddress: false modules: inetOrgPerson_hideRegisteredAddress: false modules: inetOrgPerson_hideOfficeName: false modules: inetOrgPerson_hideRoomNumber: false modules: inetOrgPerson_hideTelephoneNumber: false modules: inetOrgPerson_hideHomeTelephoneNumber: false modules: inetOrgPerson_hideMobileNumber: false modules: inetOrgPerson_hideFaxNumber: false modules: inetOrgPerson_hidePager: true modules: inetOrgPerson_hideEMailAddress: false modules: inetOrgPerson_hideJobTitle: false modules: inetOrgPerson_hideCarLicense: false modules: inetOrgPerson_hideEmployeeType: false modules: inetOrgPerson_hideBusinessCategory: false modules: inetOrgPerson_hideDepartments: false modules: inetOrgPerson_hideManager: false modules: inetOrgPerson_hideOu: false modules: inetOrgPerson_hideO: false modules: inetOrgPerson_hideEmployeeNumber: false modules: inetOrgPerson_hideInitials: false modules: inetOrgPerson_hideLabeledURI: false modules: inetOrgPerson_hideuserCertificate: false modules: inetOrgPerson_hidejpegPhoto: false modules: inetOrgPerson_hidedisplayName: true modules: inetOrgPerson_addAddressbook: false modules: inetOrgPerson_readOnly_businessCategory: false modules: inetOrgPerson_readOnly_carLicense: false modules: inetOrgPerson_readOnly_cn: false modules: inetOrgPerson_readOnly_departmentNumber: false modules: inetOrgPerson_readOnly_description: false modules: inetOrgPerson_readOnly_mail: false modules: inetOrgPerson_readOnly_employeeNumber: false modules: inetOrgPerson_readOnly_employeeType: false modules: inetOrgPerson_readOnly_facsimileTelephoneNumber: false modules: inetOrgPerson_readOnly_givenName: false modules: inetOrgPerson_readOnly_homePhone: false modules: inetOrgPerson_readOnly_initials: false modules: inetOrgPerson_readOnly_title: false modules: inetOrgPerson_readOnly_sn: false modules: inetOrgPerson_readOnly_l: false modules: inetOrgPerson_readOnly_manager: false modules: inetOrgPerson_readOnly_mobile: false modules: inetOrgPerson_readOnly_physicalDeliveryOfficeName: false modules: inetOrgPerson_readOnly_o: false modules: inetOrgPerson_readOnly_ou: false modules: inetOrgPerson_readOnly_pager: false modules: inetOrgPerson_readOnly_userPassword: false modules: inetOrgPerson_readOnly_jpegPhoto: false modules: inetOrgPerson_readOnly_postOfficeBox: false modules: inetOrgPerson_readOnly_postalAddress: false modules: inetOrgPerson_readOnly_postalCode: false modules: inetOrgPerson_readOnly_registeredAddress: false modules: inetOrgPerson_readOnly_roomNumber: false modules: inetOrgPerson_readOnly_st: false modules: inetOrgPerson_readOnly_street: false modules: inetOrgPerson_readOnly_telephoneNumber: false modules: inetOrgPerson_readOnly_uid: false modules: inetOrgPerson_readOnly_labeledURI: false types: customLabel_user: types: filter_user: types: customLabel_group: types: filter_group: types: hidden_user: types: hidden_group: