SYNOPSIS
lcmaps_ldap_enf.mod -maxuid <maxuid> -maxpgid <maxpgid> -maxsgid <maxsgid> -hostname <hostname> -port <port> [-require_all_groups [yes|no]] -dn_manager <DN> -ldap_pw <path/filename> -sb_groups <seachbase> -sb_user <searchbase> -timeout <timeout value>
DESCRIPTION
Ldap enforcement plugin will alter the user and group settings in the ldap database, using the user and groups settings provided by the credential acquisition plugins. Note that LDAP has to be used as the source of account information for PAM or NSS and has to be RFC 2307 complient. (see documentation)
OPTIONS
-maxuid <maxuid>
Maximum number of uids to be used. Strongly advised is to set this to 1. -maxpgid <maxpgid>
Maximum number of primary gids to be used. -maxsgid <maxsgid>
Maximum number of (secondary) gids to be used (not including primary group). Advised is to set this to 1. -hostname <hostname>
The hostname on which the LDAP server is running, e.g. asen.nikhef.nl -port <port>
The port number to which to connect, e.g. 389 -require_all_groups [yes|no]
Specify if all groups set by the PluginManager shall be used. Default is'yes' -dn_manager <DN>
DN of the LDAP manager, e.g. "cn=Manager,dc=root" -ldap_pw <path/filename>
Path to the file containing the password of the LDAP manager. Note: the mode of the file containing the password must be read-only for root (400), otherwise the plugin will not run. -sb_groups <seachbase>
Search base for the (secondary) groups, e.g. "ou=LocalGroups, dc=foobar, dc=ough" -sb_user <searchbase>
Search base for the user, e.g. "ou=LocalUsers, dc=foobar, dc=ough" -timeout <timeout value>
timeout (in seconds) that will be applied to the ldap binding
SEE ALSO
lcmaps_localaccount.mod, lcmaps_poolaccount.mod, lcmaps_posix_enf.mod, lcmaps_voms.mod, lcmaps_voms_poolaccount.mod, lcmaps_voms_poolgroup.mod, lcmaps_voms_localgroup.mod
1.2.8.1 written by Dimitri van Heesch,
© 1997-2001