From 858414e219aced8832d8ae0da37d4738239d72d4 Mon Sep 17 00:00:00 2001 From: kakwa Date: Sun, 28 Jun 2015 11:41:36 +0200 Subject: [PATCH] better configuration example --- conf/attributes.yml | 38 ++++++++++++++------------------------ conf/ldapcherry.ini | 37 ++++++++++++++++++++++--------------- conf/roles.yml | 37 ++++++++++++++++++------------------- 3 files changed, 54 insertions(+), 58 deletions(-) diff --git a/conf/attributes.yml b/conf/attributes.yml index 80cd8a7..108ed69 100644 --- a/conf/attributes.yml +++ b/conf/attributes.yml @@ -2,7 +2,6 @@ cn: description: "First Name and Display Name" display_name: "Display Name" type: string - search_displayed: True weight: 30 autofill: function: cn @@ -11,8 +10,7 @@ cn: - $name backends: ldap: cn - ad: CN - +# ad: CN first-name: description: "First name of the user" display_name: "First Name" @@ -21,7 +19,7 @@ first-name: weight: 20 backends: ldap: givenName - ad: givenName +# ad: givenName name: description: "Family name of the user" display_name: "Name" @@ -30,10 +28,11 @@ name: type: string backends: ldap: sn - ad: sn +# ad: sn email: description: "Email of the user" display_name: "Email" + search_displayed: True type: email weight: 40 autofill: @@ -43,8 +42,8 @@ email: - $last-name - '@example.com' backends: - ldap: email - ad: EMAIL + ldap: mail +# ad: mail uid: description: "UID of the user" display_name: "UID" @@ -59,7 +58,7 @@ uid: - $last-name backends: ldap: uid - ad: UID +# ad: uid uidNumber: description: "User ID Number of the user" display_name: "UID Number" @@ -72,7 +71,7 @@ uidNumber: - $last-name backends: ldap: uidNumber - ad: UIDNumber +# ad: UIDNumber gidNumber: description: "Group ID Number of the user" display_name: "GID Number" @@ -81,7 +80,7 @@ gidNumber: default: 10000 backends: ldap: gidNumber - ad: GIDNumber +# ad: GIDNumber shell: description: "Shell of the user" display_name: "Shell" 
@@ -93,8 +92,8 @@ shell: - /bin/zsh - /bin/sh backends: - ldap: shell - ad: SHELL + ldap: loginShell +# ad: LOGINSHEL home: description: "Home user path" display_name: "Home" @@ -107,9 +106,8 @@ home: - $last-name - /home/ backends: - ldap: home - ad: Home - + ldap: homeDirectory +# ad: HOMEDIRECTORY password: description: "Password of the user" display_name: "Password" @@ -118,12 +116,4 @@ password: type: password backends: ldap: userPassword - ad: userPassword -logscript: - description: "Windows login script" - display_name: "Login script" - weight: 100 - type: fix - value: login1.bat - backends: - ad: logonScript +# ad: PASSWORD diff --git a/conf/ldapcherry.ini b/conf/ldapcherry.ini index d64a1dd..f8bf594 100644 --- a/conf/ldapcherry.ini +++ b/conf/ldapcherry.ini 
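Review bot: The commented AD mapping added in the `shell` hunk, `# ad: LOGINSHEL`, looks like a truncated `loginShell`, and the `home` and `password` hunks add similar upper-case placeholders (`# ad: HOMEDIRECTORY`, `# ad: PASSWORD`) where the removed lines had `Home` and `userPassword`. Anyone who uncomments these to enable the AD backend would map the shell, home and password fields to names that may not exist in the directory; whether the backend rejects an unknown attribute is not visible here. I would either write the intended attribute names, e.g. `# ad: loginShell`, or add a comment that the `ad:` lines are placeholders to be filled in.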
@@ -66,47 +66,54 @@ roles.file = '/etc/ldapcherry/roles.yml' [backends] +##################################### +# configuration of ldap backend # +##################################### + # name of the module ldap.module = 'ldapcherry.backend.backendLdap' # uri of the ldap directory -ldap.uri = 'ldaps://ldap.ldapcherry.org' +ldap.uri = 'ldap://ldap.ldapcherry.org' # ca to use for ssl/tls connexion -ldap.ca = '/etc/dnscherry/TEST-cacert.pem' +#ldap.ca = '/etc/dnscherry/TEST-cacert.pem' # use start tls -ldap.starttls = 'off' +#ldap.starttls = 'off' # check server certificate (for tls) -ldap.checkcert = 'off' +#ldap.checkcert = 'off' # bind dn to the ldap -ldap.binddn = 'cn=ldapcherry,dc=example,dc=org' +ldap.binddn = 'cn=dnscherry,dc=example,dc=org' # password of the bind dn ldap.password = 'password' # timeout of ldap connexion (in second) ldap.timeout = 1 # groups dn -ldap.groupdn = 'ou=groups,dc=example,dc=org' +ldap.groupdn = 'ou=group,dc=example,dc=org' # users dn ldap.userdn = 'ou=people,dc=example,dc=org' # ldapsearch filter to get a user ldap.user_filter_tmpl = '(uid=%(username)s)' # ldapsearch filter to get groups of a user -ldap.group_filter_tmpl = '(member=%(username)s)' +ldap.group_filter_tmpl = '(member=uid=%(username)s,ou=People,dc=example,dc=org)' # filter to search users ldap.search_filter_tmpl = '(|(uid=%(searchstring)s*)(sn=%(searchstring)s*))' # ldap group attributes and how to fill them -ldap.group_attr.uniqMember = "%(dn)s" -ldap.group_attr.memberUid = "%(uid)s" +ldap.group_attr.member = "%(dn)s" +#ldap.group_attr.memberUid = "%(uid)s" # object classes of a user entry -ldap.objectclasses = 'top, person, organizationalPerson, user' +ldap.objectclasses = 'top, person, posixAccount, inetOrgPerson' # dn entry attribute for an ldap user ldap.dn_user_attr = 'uid' - -ad.module = 'ldapcherry.backend.backendSamba4' -ad.auth = 'Administrator' -ad.password = 'password' +##################################### +# configuration of ad backend # 
+##################################### +# +#ad.module = 'ldapcherry.backend.backendSamba4' +#ad.auth = 'Administrator' +#ad.password = 'password' # authentification parameters [auth] @@ -128,4 +135,4 @@ templates.dir = '/usr/share/ldapcherry/templates/' [/static] tools.staticdir.on = True -tools.staticdir.dir = '/usr/share/ldapcherry/static/' +tools.staticdir.dir = '/home/kakwa/Geek/GitHub/ldapcherry/resources/static/' diff --git a/conf/roles.yml b/conf/roles.yml index f3ed9da..21d05b8 100644 --- a/conf/roles.yml +++ b/conf/roles.yml @@ -3,14 +3,14 @@ admin-lv3: description: Super administrators of the system backends_groups: ldap: - - cn=dns admins,ou=group,dc=example,dc=com - - cn=nagios admins,ou=group,dc=example,dc=com - - cn=puppet admins,ou=group,dc=example,dc=com - - cn=users,ou=group,dc=example,dc=com - ad: - - Domain Users - - Administrators - - Domain Controllers + - cn=dns admins,ou=Group,dc=example,dc=org + - cn=nagios admins,ou=Group,dc=example,dc=org + - cn=puppet admins,ou=Group,dc=example,dc=org + - cn=users,ou=Group,dc=example,dc=org +# ad: +# - Administrators +# - Domain Controllers +# - Domain Users admin-lv2: display_name: Administrators Level 2 
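Review bot: The example now sends the bind DN and `ldap.password` in cleartext, because `ldap.uri` moves from `ldaps://` to `ldap://` while `ldap.ca`, `ldap.starttls` and `ldap.checkcert` are all commented out. Example files tend to be copied into real deployments, so I would keep a TLS default, `ldap.uri = 'ldaps://ldap.ldapcherry.org'` with `ldap.checkcert = 'on'` and an `ldap.ca` path, or at least add a comment that plain `ldap://` is for local testing only. The new `ldap.binddn = 'cn=dnscherry,dc=example,dc=org'` looks like a leftover from another project and probably should stay `cn=ldapcherry`. `ldap.group_filter_tmpl` now hard-codes `ou=People,dc=example,dc=org` while `ldap.userdn` is `ou=people,dc=example,dc=org`; a comment saying the two must be changed together would help.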
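Review bot: `tools.staticdir.dir` now points at `/home/kakwa/Geek/GitHub/ldapcherry/resources/static/`, a path on the author's workstation that will not exist on an installed system and that discloses a local user name. The `templates.dir` shown in this hunk's header still uses `/usr/share/ldapcherry/templates/`, so the two settings no longer agree. I would restore `tools.staticdir.dir = '/usr/share/ldapcherry/static/'`.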
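Review bot: The group DNs here now use `ou=Group,dc=example,dc=org`, while the same commit sets `ldap.groupdn = 'ou=group,dc=example,dc=org'` in conf/ldapcherry.ini; the second roles.yml hunk (`admin-lv2`, `developpers`, `users`) has the same spelling. LDAP servers usually treat DNs case-insensitively, but if role membership is resolved by comparing these strings with the DNs the directory returns (not visible in this diff), a case mismatch would leave users without their roles. I would use one spelling in both files. In the second hunk the commented `ad:` example for `admin-lv2` also gains `Domain Controllers`, which the removed lines did not have, and `developpers` loses its `ad:` example altogether. A short comment stating the intended AD groups per role would avoid surprises when the block is uncommented.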
@@ -18,26 +18,25 @@ admin-lv2: LC_admins: True backends_groups: ldap: - - cn=nagios admins,ou=group,dc=example,dc=com - - cn=users,ou=group,dc=example,dc=com - ad: - - Domain Users + - cn=nagios admins,ou=Group,dc=example,dc=org + - cn=users,ou=Group,dc=example,dc=org +# ad: +# - Domain Users +# - Domain Controllers developpers: display_name: Developpers description: Developpers of the system backends_groups: ldap: - - cn=developpers,ou=group,dc=example,dc=com - - cn=users,ou=group,dc=example,dc=com - ad: - - Domain Users + - cn=developpers,ou=Group,dc=example,dc=org + - cn=users,ou=Group,dc=example,dc=org users: display_name: Simple Users description: Basic users of the system backends_groups: ldap: - - cn=users,ou=group,dc=example,dc=com - ad: - - Domain Users + - cn=users,ou=Group,dc=example,dc=org +# ad: +# - Domain Users