?i»?
Current Path : /home/s/c/g/scgforma/www/cloud/core/doc/admin/configuration_user/ |
Current File : /home/s/c/g/scgforma/www/cloud/core/doc/admin/configuration_user/user_auth_ldap_api.html |
<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>The LDAP configuration API — Nextcloud 13 Administration Manual 13 documentation</title> <link rel="stylesheet" href="../_static/" type="text/css" /> <link rel="stylesheet" href="../_static/pygments.css" type="text/css" /> <link rel="stylesheet" href="../_static/main.min.css" type="text/css" /> <link rel="stylesheet" href="../_static/styles.css" type="text/css" /> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT: '../', VERSION: '13', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="../_static/jquery.js"></script> <script type="text/javascript" src="../_static/underscore.js"></script> <script type="text/javascript" src="../_static/doctools.js"></script> <script type="text/javascript" src="../_static/js/jquery-1.11.0.min.js"></script> <script type="text/javascript" src="../_static/js/jquery-fix.js"></script> <script type="text/javascript" src="../_static/bootstrap-3.1.0/js/bootstrap.min.js"></script> <script type="text/javascript" src="../_static/bootstrap-sphinx.js"></script> <link rel="top" title="Nextcloud 13 Administration Manual 13 documentation" href="../contents.html" /> <link rel="up" title="User management" href="index.html" /> <link rel="next" title="User provisioning API" href="user_provisioning_api.html" /> <link rel="prev" title="LDAP user cleanup" href="user_auth_ldap_cleanup.html" /> <meta charset='utf-8'> <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="theme-color" content="#1d2d44"> </head> <body role="document"> <div class="wrap container not-front"> <div class="content row"> <main class="main"> <div class="row"> <div class="col-md-3"> <div class="sidebar"> <h1>Nextcloud 13 Administration Manual</h1> <div class="sidebar-search"> <form class="headersearch" action="../search.html" method="get"> <input type="text" value="" name="q" id="q" class="form-control" /> <button class="btn btn-default" type="submit" id="searchsubmit">Search</button> </form> </div> <div class="menu-support-container"> <ul id="menu-support" class="menu"> <ul> <li><a href="../contents.html">Table of Contents</a></li> </ul> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../index.html">Introduction</a></li> <li class="toctree-l1"><a class="reference internal" href="../release_notes.html">Release notes</a></li> <li class="toctree-l1"><a class="reference internal" href="../installation/index.html">Installation</a></li> <li class="toctree-l1"><a class="reference internal" href="../configuration_server/index.html">Server configuration</a></li> <li class="toctree-l1 current"><a class="reference internal" href="index.html">User management</a><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="user_configuration.html">User management</a></li> <li class="toctree-l2"><a class="reference internal" href="reset_admin_password.html">Resetting a lost admin password</a></li> <li class="toctree-l2"><a class="reference internal" href="reset_user_password.html">Resetting a user password</a></li> <li class="toctree-l2"><a class="reference internal" href="user_password_policy.html">User password policy</a></li> <li class="toctree-l2"><a class="reference internal" href="two_factor-auth.html">Two factor authentication</a></li> <li class="toctree-l2"><a class="reference internal" href="user_auth_ftp_smb_imap.html">User authentication with IMAP, SMB, and FTP</a></li> <li class="toctree-l2"><a class="reference internal" href="user_auth_ldap.html">User authentication with LDAP</a></li> <li class="toctree-l2"><a class="reference internal" href="user_auth_ldap_cleanup.html">LDAP user cleanup</a></li> <li class="toctree-l2 current"><a class="current reference internal" href="">The LDAP configuration API</a><ul> <li class="toctree-l3"><a class="reference internal" href="#creating-a-configuration">Creating a configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="#deleting-a-configuration">Deleting a configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="#reading-a-configuration">Reading a configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="#modifying-a-configuration">Modifying a configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="#configuration-keys">Configuration keys</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="user_provisioning_api.html">User provisioning API</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../configuration_files/index.html">File sharing and management</a></li> <li class="toctree-l1"><a class="reference internal" href="../file_workflows/index.html">File workflows</a></li> <li class="toctree-l1"><a class="reference internal" href="../configuration_database/index.html">Database configuration</a></li> <li class="toctree-l1"><a class="reference internal" href="../configuration_mimetypes/index.html">Mimetypes management</a></li> <li class="toctree-l1"><a class="reference internal" href="../maintenance/index.html">Maintenance</a></li> <li class="toctree-l1"><a class="reference internal" href="../issues/index.html">Issues and troubleshooting</a></li> </ul> </ul> </div> </div> </div> <div class="col-md-9"> <div class="page-content"> <ul class="prevnext-title list-unstyled list-inline"> <li class="prev"> <a href="user_auth_ldap_cleanup.html" title="Previous Chapter: LDAP user cleanup"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm">« LDAP user cleanup</span> </a> </li> <li class="next"> <a href="user_provisioning_api.html" title="Next Chapter: User provisioning API"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm">User provisioning API »</span> </a> </li> </ul> <div class="section" id="the-ldap-configuration-api"> <h1>The LDAP configuration API<a class="headerlink" href="#the-ldap-configuration-api" title="Permalink to this headline">ΒΆ</a></h1> <p>All methods require that the “OCS-APIREQUEST” header be set to “true”. Methods take an optional “format” parameter, which may be “xml” (the default) or “json”.</p> <div class="section" id="creating-a-configuration"> <h2>Creating a configuration<a class="headerlink" href="#creating-a-configuration" title="Permalink to this headline">ΒΆ</a></h2> <p>Creates a new and empty LDAP configuration. It returns its ID. Authentication is done by sending a basic HTTP authentication header.</p> <p><strong>Syntax: ocs/v2.php/apps/user_ldap/api/v1/config</strong></p> <ul class="simple"> <li>HTTP method: POST</li> </ul> <div class="section" id="example"> <h3>Example<a class="headerlink" href="#example" title="Permalink to this headline">ΒΆ</a></h3> <ul class="simple"> <li>POST <code class="docutils literal"><span class="pre">https://admin:secret@example.com/ocs/v2.php/apps/user_ldap/api/v1/config</span></code> -H “OCS-APIREQUEST: true”</li> <li>Creates a new, empty configuration</li> </ul> </div> <div class="section" id="xml-output"> <h3>XML output<a class="headerlink" href="#xml-output" title="Permalink to this headline">ΒΆ</a></h3> <div class="highlight-xml"><div class="highlight"><pre><span class="cp"><?xml version="1.0"?></span> <span class="nt"><ocs></span> <span class="nt"><meta></span> <span class="nt"><status></span>ok<span class="nt"></status></span> <span class="nt"><statuscode></span>200<span class="nt"></statuscode></span> <span class="nt"><message></span>OK<span class="nt"></message></span> <span class="nt"></meta></span> <span class="nt"><data></span> <span class="nt"><configID></span>s01<span class="nt"></configID></span> <span class="nt"></data></span> <span class="nt"></ocs></span> </pre></div> </div> </div> </div> <div class="section" id="deleting-a-configuration"> <h2>Deleting a configuration<a class="headerlink" href="#deleting-a-configuration" title="Permalink to this headline">ΒΆ</a></h2> <p>Deletes a given LDAP configuration. Authentication is done by sending a basic HTTP authentication header.</p> <p><strong>Syntax: ocs/v2.php/apps/user_ldap/api/v1/config/{configID}</strong></p> <ul class="simple"> <li>HTTP method: DELETE</li> </ul> <div class="section" id="id1"> <h3>Example<a class="headerlink" href="#id1" title="Permalink to this headline">ΒΆ</a></h3> <ul class="simple"> <li>DELETE <code class="docutils literal"><span class="pre">https://admin:secret@example.com/ocs/v2.php/apps/user_ldap/api/v1/config/s02</span> <span class="pre">-H</span> <span class="pre">"OCS-APIREQUEST:</span> <span class="pre">true"</span></code></li> <li>deletes the LDAP configuration</li> </ul> </div> <div class="section" id="id2"> <h3>XML output<a class="headerlink" href="#id2" title="Permalink to this headline">ΒΆ</a></h3> <div class="highlight-xml"><div class="highlight"><pre><span class="cp"><?xml version="1.0"?></span> <span class="nt"><ocs></span> <span class="nt"><meta></span> <span class="nt"><status></span>ok<span class="nt"></status></span> <span class="nt"><statuscode></span>200<span class="nt"></statuscode></span> <span class="nt"><message></span>OK<span class="nt"></message></span> <span class="nt"></meta></span> <span class="nt"><data/></span> <span class="nt"></ocs></span> </pre></div> </div> </div> </div> <div class="section" id="reading-a-configuration"> <h2>Reading a configuration<a class="headerlink" href="#reading-a-configuration" title="Permalink to this headline">ΒΆ</a></h2> <p>Returns all keys and values of the specified LDAP configuration. Authentication is done by sending a basic HTTP authentication header.</p> <p><strong>Syntax: ocs/v2.php/apps/user_ldap/api/v1/config/{configID}</strong></p> <ul class="simple"> <li>HTTP method: GET</li> <li>url argument: showPassword - int, optional, default 0, whether to return the password in clear text</li> </ul> <div class="section" id="id3"> <h3>Example<a class="headerlink" href="#id3" title="Permalink to this headline">ΒΆ</a></h3> <ul class="simple"> <li>GET <code class="docutils literal"><span class="pre">https://admin:secret@example.com/ocs/v2.php/apps/user_ldap/api/v1/config/s02?showPassword=1</span> <span class="pre">-H</span> <span class="pre">"OCS-APIREQUEST:</span> <span class="pre">true"</span></code></li> <li>fetches the LDAP configuration</li> </ul> </div> <div class="section" id="id4"> <h3>XML output<a class="headerlink" href="#id4" title="Permalink to this headline">ΒΆ</a></h3> <div class="highlight-xml"><div class="highlight"><pre><span class="cp"><?xml version="1.0"?></span> <span class="nt"><ocs></span> <span class="nt"><meta></span> <span class="nt"><status></span>ok<span class="nt"></status></span> <span class="nt"><statuscode></span>200<span class="nt"></statuscode></span> <span class="nt"><message></span>OK<span class="nt"></message></span> <span class="nt"></meta></span> <span class="nt"><data></span> <span class="nt"><ldapHost></span>ldap://ldap.server.tld<span class="nt"></ldapHost></span> <span class="nt"><ldapPort></span>389<span class="nt"></ldapPort></span> <span class="nt"><ldapBackupHost></ldapBackupHost></span> <span class="nt"><ldapBackupPort></ldapBackupPort></span> <span class="nt"><ldapBase></span>ou=Department XLII,dc=example,dc=com<span class="nt"></ldapBase></span> <span class="nt"><ldapBaseUsers></span>ou=users,ou=Department XLII,dc=example,dc=com<span class="nt"></ldapBaseUsers></span> <span class="nt"><ldapBaseGroups></span>ou=Department XLII,dc=example,dc=com<span class="nt"></ldapBaseGroups></span> <span class="nt"><ldapAgentName></span>cn=root,dc=example,dc=com<span class="nt"></ldapAgentName></span> <span class="nt"><ldapAgentPassword></span>Secret<span class="nt"></ldapAgentPassword></span> <span class="nt"><ldapTLS></span>1<span class="nt"></ldapTLS></span> <span class="nt"><turnOffCertCheck></span>0<span class="nt"></turnOffCertCheck></span> <span class="nt"><ldapIgnoreNamingRules/></span> <span class="nt"><ldapUserDisplayName></span>displayname<span class="nt"></ldapUserDisplayName></span> <span class="nt"><ldapUserDisplayName2></span>uid<span class="nt"></ldapUserDisplayName2></span> <span class="nt"><ldapGidNumber></span>gidNumber<span class="nt"></ldapGidNumber></span> <span class="nt"><ldapUserFilterObjectclass></span>inetOrgPerson<span class="nt"></ldapUserFilterObjectclass></span> <span class="nt"><ldapUserFilterGroups></ldapUserFilterGroups></span> <span class="nt"><ldapUserFilter></span>(<span class="ni">&amp;</span>(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))<span class="nt"></ldapUserFilter></span> <span class="nt"><ldapUserFilterMode></span>1<span class="nt"></ldapUserFilterMode></span> <span class="nt"><ldapGroupFilter></span>(<span class="ni">&amp;</span>(|(objectclass=nextcloudGroup)))<span class="nt"></ldapGroupFilter></span> <span class="nt"><ldapGroupFilterMode></span>0<span class="nt"></ldapGroupFilterMode></span> <span class="nt"><ldapGroupFilterObjectclass></span>nextcloudGroup<span class="nt"></ldapGroupFilterObjectclass></span> <span class="nt"><ldapGroupFilterGroups></ldapGroupFilterGroups></span> <span class="nt"><ldapGroupMemberAssocAttr></span>memberUid<span class="nt"></ldapGroupMemberAssocAttr></span> <span class="nt"><ldapGroupDisplayName></span>cn<span class="nt"></ldapGroupDisplayName></span> <span class="nt"><ldapLoginFilter></span>(<span class="ni">&amp;</span>(|(objectclass=inetOrgPerson))(uid=%uid))<span class="nt"></ldapLoginFilter></span> <span class="nt"><ldapLoginFilterMode></span>0<span class="nt"></ldapLoginFilterMode></span> <span class="nt"><ldapLoginFilterEmail></span>0<span class="nt"></ldapLoginFilterEmail></span> <span class="nt"><ldapLoginFilterUsername></span>1<span class="nt"></ldapLoginFilterUsername></span> <span class="nt"><ldapLoginFilterAttributes></ldapLoginFilterAttributes></span> <span class="nt"><ldapQuotaAttribute></ldapQuotaAttribute></span> <span class="nt"><ldapQuotaDefault></span>20 MB<span class="nt"></ldapQuotaDefault></span> <span class="nt"><ldapEmailAttribute></span>mail<span class="nt"></ldapEmailAttribute></span> <span class="nt"><ldapCacheTTL></span>600<span class="nt"></ldapCacheTTL></span> <span class="nt"><ldapUuidUserAttribute></span>auto<span class="nt"></ldapUuidUserAttribute></span> <span class="nt"><ldapUuidGroupAttribute></span>auto<span class="nt"></ldapUuidGroupAttribute></span> <span class="nt"><ldapOverrideMainServer></ldapOverrideMainServer></span> <span class="nt"><ldapConfigurationActive></span>1<span class="nt"></ldapConfigurationActive></span> <span class="nt"><ldapAttributesForUserSearch></span>uid;sn;givenname<span class="nt"></ldapAttributesForUserSearch></span> <span class="nt"><ldapAttributesForGroupSearch></ldapAttributesForGroupSearch></span> <span class="nt"><ldapExperiencedAdmin></span>0<span class="nt"></ldapExperiencedAdmin></span> <span class="nt"><homeFolderNamingRule></span>attr:mail<span class="nt"></homeFolderNamingRule></span> <span class="nt"><hasPagedResultSupport></hasPagedResultSupport></span> <span class="nt"><hasMemberOfFilterSupport></span>1<span class="nt"></hasMemberOfFilterSupport></span> <span class="nt"><useMemberOfToDetectMembership></span>1<span class="nt"></useMemberOfToDetectMembership></span> <span class="nt"><ldapExpertUsernameAttr></ldapExpertUsernameAttr></span> <span class="nt"><ldapExpertUUIDUserAttr></ldapExpertUUIDUserAttr></span> <span class="nt"><ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr></span> <span class="nt"><lastJpegPhotoLookup></span>0<span class="nt"></lastJpegPhotoLookup></span> <span class="nt"><ldapNestedGroups></span>0<span class="nt"></ldapNestedGroups></span> <span class="nt"><ldapPagingSize></span>500<span class="nt"></ldapPagingSize></span> <span class="nt"><turnOnPasswordChange></span>1<span class="nt"></turnOnPasswordChange></span> <span class="nt"><ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL></span> <span class="nt"><ldapDefaultPPolicyDN></ldapDefaultPPolicyDN></span> <span class="nt"></data></span> <span class="nt"></ocs></span> </pre></div> </div> </div> </div> <div class="section" id="modifying-a-configuration"> <h2>Modifying a configuration<a class="headerlink" href="#modifying-a-configuration" title="Permalink to this headline">ΒΆ</a></h2> <p>Updates a configuration with the provided values. Authentication is done by sending a basic HTTP authentication header.</p> <p><strong>Syntax: ocs/v2.php/apps/user_ldap/api/v1/config/{configID}</strong></p> <ul class="simple"> <li>HTTP method: PUT</li> <li>url argument: configData - array, see table below for the fields. All fields are optional. The values must be url-encoded.</li> </ul> <div class="section" id="id5"> <h3>Example<a class="headerlink" href="#id5" title="Permalink to this headline">ΒΆ</a></h3> <ul class="simple"> <li>PUT <code class="docutils literal"><span class="pre">https://admin:secret@example.com/ocs/v2.php/apps/user_ldap/api/v1/config/s01</span> <span class="pre">-H</span> <span class="pre">"OCS-APIREQUEST:</span> <span class="pre">true"</span> <span class="pre">-d</span> <span class="pre">"configData[ldapHost]=ldap%3A%2F%2Fldap.server.tld</span> <span class="pre">&configData[ldapPort]=389"</span></code></li> <li>fetches the LDAP configuration</li> </ul> </div> <div class="section" id="id6"> <h3>XML output<a class="headerlink" href="#id6" title="Permalink to this headline">ΒΆ</a></h3> <div class="highlight-xml"><div class="highlight"><pre><span class="cp"><?xml version="1.0"?></span> <span class="nt"><ocs></span> <span class="nt"><meta></span> <span class="nt"><status></span>ok<span class="nt"></status></span> <span class="nt"><statuscode></span>200<span class="nt"></statuscode></span> <span class="nt"><message></span>OK<span class="nt"></message></span> <span class="nt"></meta></span> <span class="nt"><data/></span> <span class="nt"></ocs></span> </pre></div> </div> </div> </div> <div class="section" id="configuration-keys"> <h2>Configuration keys<a class="headerlink" href="#configuration-keys" title="Permalink to this headline">ΒΆ</a></h2> <table border="1" class="docutils"> <colgroup> <col width="19%" /> <col width="4%" /> <col width="6%" /> <col width="72%" /> </colgroup> <thead valign="bottom"> <tr class="row-odd"><th class="head">Key</th> <th class="head">Mode</th> <th class="head">Required</th> <th class="head">Description</th> </tr> </thead> <tbody valign="top"> <tr class="row-even"><td>ldapHost</td> <td>rw</td> <td>yes</td> <td>LDAP server host, supports protocol</td> </tr> <tr class="row-odd"><td>ldapPort</td> <td>rw</td> <td>yes</td> <td>LDAP server port</td> </tr> <tr class="row-even"><td>ldapBackupHost</td> <td>rw</td> <td>no</td> <td>LDAP replica host</td> </tr> <tr class="row-odd"><td>ldapBackupPort</td> <td>rw</td> <td>no</td> <td>LDAP replica port</td> </tr> <tr class="row-even"><td>ldapOverrideMainServer</td> <td>rw</td> <td>no</td> <td>Whether replica should be used instead</td> </tr> <tr class="row-odd"><td>ldapBase</td> <td>rw</td> <td>yes</td> <td>Base</td> </tr> <tr class="row-even"><td>ldapBaseUsers</td> <td>rw</td> <td>no</td> <td>Base for users, defaults to general base if not specified</td> </tr> <tr class="row-odd"><td>ldapBaseGroups</td> <td>rw</td> <td>no</td> <td>Base for groups, defaults to general base if not specified</td> </tr> <tr class="row-even"><td>ldapAgentName</td> <td>rw</td> <td>no</td> <td>DN for the (service) user to connect to LDAP</td> </tr> <tr class="row-odd"><td>ldapAgentPassword</td> <td>rw</td> <td>no</td> <td>Password for the service user</td> </tr> <tr class="row-even"><td>ldapTLS</td> <td>rw</td> <td>no</td> <td>Whether to use StartTLS</td> </tr> <tr class="row-odd"><td>turnOffCertCheck</td> <td>rw</td> <td>no</td> <td>Turns off certificate validation for TLS connections</td> </tr> <tr class="row-even"><td>ldapIgnoreNamingRules</td> <td>rw</td> <td>no</td> <td>Backwards compatibility, do not set it.</td> </tr> <tr class="row-odd"><td>ldapUserDisplayName</td> <td>rw</td> <td>yes</td> <td>Attribute used as display name for users</td> </tr> <tr class="row-even"><td>ldapUserDisplayName2</td> <td>rw</td> <td>no</td> <td>Additional attribute, if set show on brackets next to the main attribute</td> </tr> <tr class="row-odd"><td>ldapGidNumber</td> <td>rw</td> <td>no</td> <td>group ID attribute, needed for primary groups on OpenLDAP (and compatible)</td> </tr> <tr class="row-even"><td>ldapUserFilterObjectclass</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-odd"><td>ldapUserFilterGroups</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-even"><td>ldapUserFilter</td> <td>rw</td> <td>yes</td> <td>LDAP Filter used to retrieve user</td> </tr> <tr class="row-odd"><td>ldapUserFilterMode</td> <td>rw</td> <td>no</td> <td>used by the Settings Wizard, set to 1 for manual editing</td> </tr> <tr class="row-even"><td>ldapAttributesForUserSearch</td> <td>rw</td> <td>no</td> <td>attributes to be matched when searching for users. separate by ;</td> </tr> <tr class="row-odd"><td>ldapGroupFilter</td> <td>rw</td> <td>no</td> <td>LDAP Filter used to retrieve groups</td> </tr> <tr class="row-even"><td>ldapGroupFilterMode</td> <td>rw</td> <td>no</td> <td>used by the Settings Wizard, set to 1 for manual editing</td> </tr> <tr class="row-odd"><td>ldapGroupFilterObjectclass</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-even"><td>ldapGroupFilterGroups</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-odd"><td>ldapGroupMemberAssocAttr</td> <td>rw</td> <td>no</td> <td>attribute that indicates group members, one of: member, memberUid, uniqueMember, gidNumber</td> </tr> <tr class="row-even"><td>ldapGroupDisplayName</td> <td>rw</td> <td>no</td> <td>Attribute used as display name for groups, required if groups are used</td> </tr> <tr class="row-odd"><td>ldapAttributesForGroupSearch</td> <td>rw</td> <td>no</td> <td>attributes to be matched when searching for groups. separate by ;</td> </tr> <tr class="row-even"><td>ldapLoginFilter</td> <td>rw</td> <td>yes</td> <td>LDAP Filter used to authenticate users</td> </tr> <tr class="row-odd"><td>ldapLoginFilterMode</td> <td>rw</td> <td>no</td> <td>used by the Settings Wizard, set to 1 for manual editing</td> </tr> <tr class="row-even"><td>ldapLoginFilterEmail</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-odd"><td>ldapLoginFilterUsername</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-even"><td>ldapLoginFilterAttributes</td> <td>rw</td> <td>no</td> <td>set by the Settings Wizard (web UI)</td> </tr> <tr class="row-odd"><td>ldapQuotaAttribute</td> <td>rw</td> <td>no</td> <td>LDAP attribute containing the quote value (per user)</td> </tr> <tr class="row-even"><td>ldapQuotaDefault</td> <td>rw</td> <td>no</td> <td>Default Quota, if specified quota attribute is empty</td> </tr> <tr class="row-odd"><td>ldapEmailAttribute</td> <td>rw</td> <td>no</td> <td>LDAP attribute containing the email address (takes first if multiple are stored)</td> </tr> <tr class="row-even"><td>ldapCacheTTL</td> <td>rw</td> <td>no</td> <td>How long results from LDAP are cached, defaults to 10min</td> </tr> <tr class="row-odd"><td>ldapUuidUserAttribute</td> <td>r</td> <td>no</td> <td>set in runtime</td> </tr> <tr class="row-even"><td>ldapUuidGroupAttribute</td> <td>r</td> <td>no</td> <td>set in runtime</td> </tr> <tr class="row-odd"><td>ldapConfigurationActive</td> <td>rw</td> <td>no</td> <td>whether this configuration is active. 1 is on, 0 is off.</td> </tr> <tr class="row-even"><td>ldapExperiencedAdmin</td> <td>rw</td> <td>no</td> <td>used by the Settings Wizard, set to 1 for manual editing</td> </tr> <tr class="row-odd"><td>homeFolderNamingRule</td> <td>rw</td> <td>no</td> <td>LDAP attribute to use a user folder name</td> </tr> <tr class="row-even"><td>hasPagedResultSupport</td> <td>r</td> <td>no</td> <td>set in runtime</td> </tr> <tr class="row-odd"><td>hasMemberOfFilterSupport</td> <td>r</td> <td>no</td> <td>set in runtime</td> </tr> <tr class="row-even"><td>useMemberOfToDetectMembership</td> <td>rw</td> <td>no</td> <td>Whether to use memberOf to detect group memberships</td> </tr> <tr class="row-odd"><td>ldapExpertUsernameAttr</td> <td>rw</td> <td>no</td> <td>LDAP attribute to use as internal username. Might be modified (e.g. to avoid name collisions, character restrictions)</td> </tr> <tr class="row-even"><td>ldapExpertUUIDUserAttr</td> <td>rw</td> <td>no</td> <td>override the LDAP servers UUID attribute to identify LDAP user records</td> </tr> <tr class="row-odd"><td>ldapExpertUUIDGroupAttr</td> <td>rw</td> <td>no</td> <td>override the LDAP servers UUID attribute to identify LDAP group records</td> </tr> <tr class="row-even"><td>lastJpegPhotoLookup</td> <td>r</td> <td>no</td> <td>set in runtime</td> </tr> <tr class="row-odd"><td>ldapNestedGroups</td> <td>rw</td> <td>no</td> <td>Whether LDAP supports nested groups</td> </tr> <tr class="row-even"><td>ldapPagingSize</td> <td>rw</td> <td>no</td> <td>Number of results to return per page</td> </tr> <tr class="row-odd"><td>turnOnPasswordChange</td> <td>rw</td> <td>no</td> <td>Whether users are allowed to change passwords (hashing must happen on LDAP!)</td> </tr> <tr class="row-even"><td>ldapDynamicGroupMemberURL</td> <td>rw</td> <td>no</td> <td>URL for dynamic groups</td> </tr> <tr class="row-odd"><td>ldapDefaultPPolicyDN</td> <td>rw</td> <td>no</td> <td>PPolicy DN for password rules</td> </tr> </tbody> </table> </div> </div> <ul class="prevnext-title list-unstyled list-inline"> <li class="prev"> <a href="user_auth_ldap_cleanup.html" title="Previous Chapter: LDAP user cleanup"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm">« LDAP user cleanup</span> </a> </li> <li class="next"> <a href="user_provisioning_api.html" title="Next Chapter: User provisioning API"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm">User provisioning API »</span> </a> </li> </ul> </div> </div> </div> </main> </div> </div> </body> </html>