LDAP Rejection
Daniel Maher
daniel.maher at ubisoft.com
Thu Sep 21 21:17:09 IST 2006
Skipped content of type multipart/alternative-------------- next part --------------
###########################################
# slapd configuration excerpt for using
# OpenLDAP's slapd as a caching proxy to an
# Active Directory server.
###########################################
#########################
# proxyAddress definition
#########################
# Using "proxyAddress" is preferable to using the default mail-related
# fields, since this field will contain any and all SIP addresses,
# aliases, and other such items. In short, it is more reliable, but
# it requires additional configuration.
attributetype ( 1.2.840.113556.1.2.210
NAME 'proxyAddresses'
DESC 'rfc822 mail address of group member(s)'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
####################
# LDAP database conf
####################
# Database backend is "ldap" since we are proxying requests, not
# obtaining them locally
database ldap
suffix "DC=company,DC=com"
rootdn "DC=company,DC=com"
uri "ldap://server:port"
# It is recommended to use a read-only account, for security reasons.
binddn "CN=LDAP Read-only acct,OU=Group,OU=Locale,OU=Organisation,DC=company,DC=com"
bindpw "password"
##################
# Cache definition
##################
# This overlay used to be called "proxyCache", but they changed it
# recently. It still says "proxyCache" in the official docs though,
# so be careful!
overlay pcache
proxycache bdb 10000 1 100 100
cachesize 20
# The default LDAP attributes will be cached automatically, but
# since we are using a custom definition, it must be configured
# specifically.
proxyAttrset 0 proxyAddresses
proxyTemplate (proxyAddresses=) 0 3600 3600
index objectClass eq
index cn,sn,uid,mail pres,eq,sub
index proxyAddresses pres,eq
# pick any directory you like, just remember to configure your
# DB_CONFIG *before* starting slapd.
directory /usr/local/openldap/var/proxycache
More information about the MailScanner
mailing list