Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2705 → Rev 2704

/conf/radius/ldap-alcasar
1,6 → 1,5
# -*- text -*-
# Lightweight Directory Access Protocol (LDAP) module for ALCASAR
 
ldap {
server = "localhost"
port = 389
7,38 → 6,28
identity = "cn=alcasaradmin;cn=Users;dc=serverad;dc=com"
password = "mypass"
base_dn = "cn=Users;dc=serverad;dc=com"
user {
base_dn = "${..base_dn}"
# "samaccountname=" for AD; "uid=" for LDAP
filter = (samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})
}
options {
chase_referrals = yes
rebind = yes
res_timeout = 10
srv_timelimit = 3
net_timeout = 1
idle = 60
probes = 3
interval = 3
# ldap_debug = 0x0129
}
tls {
# start_tls = yes
# ca_file = /etc/raddb/certs/alcasar-ldaps.crt
# ca_path = ${certdir}
# certificate_file = /path/to/radius.crt
# private_key_file = /path/to/radius.key
# random_file = /dev/urandom
# require_cert = 'demand'
}
pool {
start = 5
min = 3
max = 10
uses = 0
retry_delay = 30
lifetime = 0
idle_timeout = 60
}
user {
base_dn = "${..base_dn}"
# "samaccountname=" for AD; "uid=" for LDAP
filter = (samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})
}
options {
chase_referrals = yes
rebind = yes
res_timeout = 10
srv_timelimit = 3
net_timeout = 1
idle = 60
probes = 3
interval = 3
}
pool {
start = 5
min = 3
max = 10
uses = 0
retry_delay = 30
lifetime = 0
idle_timeout = 60
}
}
/conf/sudoers
26,7 → 26,7
Cmnd_Alias UAM=/usr/local/bin/alcasar-uamallowed.sh # to manage the trusted websites (uamallowed)
Cmnd_Alias SERVICE=/usr/bin/systemctl,/usr/sbin/shutdown # to manage the linux services
Cmnd_Alias GAMMU=/usr/local/bin/alcasar-sms.sh # to manage the SMS subsystem
Cmnd_Alias SSL=/usr/local/bin/alcasar-importcert.sh,/usr/local/bin/alcasar-letsencrypt.sh,/usr/local/bin/alcasar-https.sh,/usr/local/bin/alcasar-ldap.sh --import-cert * # to manage the certificates
Cmnd_Alias SSL=/usr/local/bin/alcasar-importcert.sh,/usr/local/bin/alcasar-letsencrypt.sh,/usr/local/bin/alcasar-https.sh # to manage the certificates
Cmnd_Alias HTDIGEST=/usr/local/bin/alcasar-profil.sh # to manage htdigest groups
Cmnd_Alias LOG_GEN=/usr/local/bin/alcasar-generate_log.sh # to create log PDF from ACC
Cmnd_Alias LDAP=/usr/local/bin/alcasar-ldap.sh # to enable/disable LDAP connection