# global parameters [global] # listing interface server.socket_host = '127.0.0.1' # port server.socket_port = 8080 # number of threads server.thread_pool = 8 #don't show traceback on error request.show_tracebacks = False # log configuration # /!\ you can't have multiple log handlers ##################################### # configuration to log in files # ##################################### ## logger 'file' for access log #log.access_handler = 'file' ## logger syslog for error and ldapcherry log #log.error_handler = 'file' ## access log file #log.access_file = '/tmp/ldapcherry_access.log' ## error and ldapcherry log file #log.error_file = '/tmp/ldapcherry_error.log' ##################################### # configuration to log in syslog # ##################################### # logger syslog for access log #log.access_handler = 'syslog' ## logger syslog for error and ldapcherry log log.error_handler = 'syslog' ##################################### # configuration to not log at all # ##################################### # logger none for access log log.access_handler = 'none' # logger none for error and ldapcherry log #log.error_handler = 'none' # log level log.level = 'info' # session configuration # activate session tools.sessions.on = True # session timeout tools.sessions.timeout = 10 # file session storage(to use if multiple processes, # default is in RAM and per process) #tools.sessions.storage_type = "file" # session #tools.sessions.storage_path = "/var/lib/ldapcherry/sessions" [attributes] # file discribing form content attributes.file = '/etc/ldapcherry/attributes.yml' [roles] # file listing roles roles.file = '/etc/ldapcherry/roles.yml' [backends] ldap.module = 'ldapcherry.backends.ldap' ldap.groupdn = 'ou=group,dc=example,dc=com' ldap.people = 'ou=group,dc=example,dc=com' ldap.authdn = 'cn=ldapcherry,dc=example,dc=com' ldap.password = 'password' ldap.uri = 'ldaps://ldap.ldapcherry.org' ldap.ca = '/etc/dnscherry/TEST-cacert.pem' ldap.starttls = 'on' ldap.checkcert = 'off' ad.module = 'ldapcherry.backends.ad' ad.auth = 'Administrator' ad.password = 'password' # authentification parameters [auth] # Auth mode # * and: user must authenticate on all backends # * or: user must authenticate on one of the backend # * none: disable authentification # * custom: custom authentification module (need auth.module param) auth.mode = 'or' # custom auth module to load #auth.module = 'ldapcherry.auth.modNone' # resources parameters [resources] # templates directory templates.dir = '/usr/share/ldapcherry/templates/' [/static] tools.staticdir.on = True tools.staticdir.dir = '/usr/share/ldapcherry/static/'