Commit 8b97e7cb authored by Jonathan Gazeley's avatar Jonathan Gazeley
Browse files

Restore proper indentation

parent 7dbbc346
......@@ -18,7 +18,7 @@ ldap <%= @name %> {
# - ldapi:// (LDAP over Unix socket)
# - ldapc:// (Connectionless LDAP)
#
<% @serverconcatarray.each do |srv| -%> server = '<%= srv %>'
<% @serverconcatarray.each do |srv| -%> server = '<%= srv %>'
<% end -%>
# Port to connect on, defaults to 389, will be ignored for LDAP URIs.
......@@ -27,10 +27,10 @@ ldap <%= @name %> {
# Administrator account for searching and possibly modifying.
# If using SASL + KRB5 these should be commented out.
<%- if @identity -%>
identity = '<%= @identity %>'
identity = '<%= @identity %>'
<%- end -%>
<%- if @password -%>
password = <%= @password %>
password = <%= @password %>
<%- end -%>
# Unless overridden in another section, the dn from which all
......@@ -61,19 +61,19 @@ ldap <%= @name %> {
# SASL mechanism
# mech = 'PLAIN'
<%- if @sasl.has_key?('mech') -%>
mech = '<%= @sasl['mech'] %>'
mech = '<%= @sasl['mech'] %>'
<%- end -%>
# SASL authorisation identity to proxy.
# proxy = 'autz_id'
<%- if @sasl.has_key?('proxy') -%>
proxy = '<%= @sasl['proxy'] %>'
proxy = '<%= @sasl['proxy'] %>'
<%- end -%>
# SASL realm. Used for kerberos.
# realm = 'example.org'
<%- if @sasl.has_key?('realm') -%>
realm = '<%= @sasl['realm'] %>'
realm = '<%= @sasl['realm'] %>'
<%- end -%>
}
......@@ -96,7 +96,7 @@ ldap <%= @name %> {
# will be xlat expanded.
# valuepair_attribute = 'radiusAttribute'
<%- if @valuepair_attribute -%>
valuepair_attribute = <%= @valuepair_attribute %>
valuepair_attribute = <%= @valuepair_attribute %>
<%- end -%>
#
......@@ -127,9 +127,9 @@ ldap <%= @name %> {
# the name to be derived from an xlat expansion, or an attribute ref.
#
<%- if @update -%>
update {
<%= @update.join("\n ") %>
}
update {
<%= @update.join("\n ") %>
}
<%- else -%>
update {
control:Password-With-Header += 'userPassword'
......@@ -152,7 +152,7 @@ ldap <%= @name %> {
# password mechanism.
# edir = no
<%- if @edir -%>
edir = <%= @edir %>
edir = <%= @edir %>
<%- end -%>
# Set to yes if you want to bind as the user after retrieving the
......@@ -160,7 +160,7 @@ ldap <%= @name %> {
# verify user authorization.
# edir_autz = no
<%- if @edir_autz -%>
edir_autz = <%= @edir_autz %>
edir_autz = <%= @edir_autz %>
<%- end -%>
# Note: set_auth_type was removed in v3.x.x
......@@ -198,26 +198,26 @@ ldap <%= @name %> {
# SASL mechanism
# mech = 'PLAIN'
<%- if @user_sasl.has_key?('mech') -%>
mech = '<%= @user_sasl['mech'] %>'
mech = '<%= @user_sasl['mech'] %>'
<%- end -%>
# SASL authorisation identity to proxy.
# proxy = &User-Name
<%- if @user_sasl.has_key?('proxy') -%>
proxy = '<%= @user_sasl['proxy'] %>'
proxy = '<%= @user_sasl['proxy'] %>'
<%- end -%>
# SASL realm. Used for kerberos.
# realm = 'example.org'
<%- if @user_sasl.has_key?('realm') -%>
realm = '<%= @user_sasl['realm'] %>'
realm = '<%= @user_sasl['realm'] %>'
<%- end -%>
}
# Search scope, may be 'base', 'one', sub' or 'children'
# scope = 'sub'
<%- if @user_scope -%>
scope = '<%= @user_scope %>'
scope = '<%= @user_scope %>'
<%- end -%>
# Server side result sorting
......@@ -237,7 +237,7 @@ ldap <%= @name %> {
# set, the search will fail.
# sort_by = '-uid'
<%- if @user_sort_by -%>
sort_by = '<%= @user_sort_by %>'
sort_by = '<%= @user_sort_by %>'
<%- end -%>
# If this is undefined, anyone is authorised.
......@@ -245,7 +245,7 @@ ldap <%= @name %> {
# determine whether or not the user is authorised
# access_attribute = 'dialupAccess'
<%- if @user_access_attribute -%>
access_attribute = '<%= @user_access_attribute %>'
access_attribute = '<%= @user_access_attribute %>'
<%- end -%>
# Control whether the presence of 'access_attribute'
......@@ -272,7 +272,7 @@ ldap <%= @name %> {
# Will result in the user being locked out.
# access_positive = yes
<%- if @user_access_positive -%>
access_positive = <%= @user_access_positive %>
access_positive = <%= @user_access_positive %>
<%- end -%>
}
......@@ -281,16 +281,16 @@ ldap <%= @name %> {
#
group {
# Where to start searching in the tree for groups
base_dn = "<%= @group_base_dn %>"
base_dn = "<%= @group_base_dn %>"
# Filter for group objects, should match all available
# group objects a user might be a member of.
filter = "<%= @group_filter %>"
filter = "<%= @group_filter %>"
# Search scope, may be 'base', 'one', sub' or 'children'
# scope = 'sub'
<%- if @group_scope -%>
scope = '<%= @group_scope %>'
scope = '<%= @group_scope %>'
<%- end -%>
# Attribute that uniquely identifies a group.
......@@ -298,7 +298,7 @@ ldap <%= @name %> {
# names.
# name_attribute = cn
<%- if @group_name_attribute -%>
name_attribute = <%= @group_name_attribute %>
name_attribute = <%= @group_name_attribute %>
<%- end -%>
# Filter to find group objects a user is a member of.
......@@ -306,7 +306,7 @@ ldap <%= @name %> {
# identify members (the inverse of membership_attribute).
# membership_filter = "(|(member=%{control:Ldap-UserDn})(memberUid=%{%{Stripped-User-Name}:-%{User-Name}}))"
<%- if @group_membership_filter -%>
membership_filter = "<%= @group_membership_filter %>"
membership_filter = "<%= @group_membership_filter %>"
<%- end -%>
# The attribute in user objects which contain the names
......@@ -315,7 +315,7 @@ ldap <%= @name %> {
# Unless a conversion between group name and group DN is
# needed, there's no requirement for the group objects
# referenced to actually exist.
membership_attribute = '<%= @group_membership_attribute %>'
membership_attribute = '<%= @group_membership_attribute %>'
# If cacheable_name or cacheable_dn are enabled,
# all group information for the user will be
......@@ -333,11 +333,11 @@ ldap <%= @name %> {
# cacheable_dn else enable cacheable_name.
# cacheable_name = 'no'
<%- if @group_cacheable_name -%>
cacheable_name = '<%= @group_cacheable_name %>'
cacheable_name = '<%= @group_cacheable_name %>'
<%- end -%>
# cacheable_dn = 'no'
<%- if @group_cacheable_dn -%>
cacheable_dn = '<%= @group_cacheable_dn %>'
cacheable_dn = '<%= @group_cacheable_dn %>'
<%- end -%>
# Override the normal cache attribute (<inst>-LDAP-Group or
......@@ -346,14 +346,14 @@ ldap <%= @name %> {
# are used in fail-over.
# cache_attribute = 'LDAP-Cached-Membership'
<%- if @group_cache_attribute -%>
cache_attribute = '<%= @group_cache_attribute %>'
cache_attribute = '<%= @group_cache_attribute %>'
<%- end -%>
# Override the normal group comparison attribute name
# (<inst>-LDAP-Group or LDAP-Group if using the default instance) .
# group_attribute = "${.:instance}-${.:name}-Group"
<%- if @group_attribute -%>
group_attribute = '<%= @group_attribute %>'
group_attribute = '<%= @group_attribute %>'
<%- end -%>
}
......@@ -366,7 +366,7 @@ ldap <%= @name %> {
# Filter for RADIUS profile objects
# filter = '(objectclass=radiusprofile)'
<%- if @profile_filter -%>
filter = '<%= @profile_filter %>'
filter = '<%= @profile_filter %>'
<%- end -%>
# The default profile. This may be a DN or an attribute
......@@ -376,7 +376,7 @@ ldap <%= @name %> {
# set this to &control:User-Profile.
# default = 'cn=radprofile,dc=example,dc=org'
<%- if @profile_default -%>
default = '<%= @profile_default %>'
default = '<%= @profile_default %>'
<%- end -%>
# The LDAP attribute containing profile DNs to apply
......@@ -386,7 +386,7 @@ ldap <%= @name %> {
# if authorization is successful.
# attribute = 'radiusProfileDn'
<%- if @profile_default -%>
attribute = '<%= @profile_attribute %>'
attribute = '<%= @profile_attribute %>'
<%- end -%>
}
......@@ -395,17 +395,17 @@ ldap <%= @name %> {
#
client {
# Where to start searching in the tree for clients
base_dn = "<%= @client_base_dn %>"
base_dn = "<%= @client_base_dn %>"
#
# Filter to match client objects
#
filter = '<%= @client_filter %>'
filter = '<%= @client_filter %>'
# Search scope, may be 'base', 'one', 'sub' or 'children'
# scope = 'sub'
<%- if @client_scope -%>
scope = '<%= @client_scope %>'
scope = '<%= @client_scope %>'
<%- end -%>
#
......@@ -450,7 +450,7 @@ ldap <%= @name %> {
# Load clients on startup
# read_clients = no
<%- if @read_clients -%>
read_clients = <%= @read_clients %>
read_clients = <%= @read_clients %>
<%- end -%>
#
......@@ -519,7 +519,7 @@ ldap <%= @name %> {
# LDAP_OPT_DEREF is set to this value.
# dereference = 'always'
<%- if @dereference -%>
dereference = '<%= @dereference %>'
dereference = '<%= @dereference %>'
<%- end -%>
#
......@@ -529,15 +529,15 @@ ldap <%= @name %> {
# If you set these to 'no', then searches will likely return
# 'operations error', instead of a useful result.
#
chase_referrals = <%= @chase_referrals %>
rebind = <%= @rebind %>
chase_referrals = <%= @chase_referrals %>
rebind = <%= @rebind %>
#
# On rebind, use the credentials from the rebind url instead
# of admin credentials used during the initial bind.
# Default 'no'
#
use_referral_credentials = <%= @use_referral_credentials %>
use_referral_credentials = <%= @use_referral_credentials %>
#
# If 'yes', then include draft-wahl-ldap-session tracking
......@@ -550,7 +550,7 @@ ldap <%= @name %> {
#
# session_tracking = yes
<%- if @session_tracking -%>
session_tracking = <%= @session_tracking %>
session_tracking = <%= @session_tracking %>
<%- end -%>
# Seconds to wait for LDAP query to finish. default: 20
......@@ -560,7 +560,7 @@ ldap <%= @name %> {
# time limit). default: 20
#
# LDAP_OPT_TIMELIMIT is set to this value.
srv_timelimit = <%= @timelimit %>
srv_timelimit = <%= @timelimit %>
# LDAP_OPT_X_KEEPALIVE_IDLE
idle = <%= @idle %>
......@@ -578,7 +578,7 @@ ldap <%= @name %> {
#
# default: 0x0000 (no debugging messages)
# Example:(LDAP_DEBUG_FILTER+LDAP_DEBUG_CONNS)
ldap_debug = <%= @ldap_debug %>
ldap_debug = <%= @ldap_debug %>
}
#
......@@ -611,7 +611,7 @@ ldap <%= @name %> {
<% end -%>
# random_file = /dev/urandom
<%- if @random_file -%>
random_file = <%= @random_file %>
random_file = <%= @random_file %>
<%- end -%>
# Certificate Verification requirements. Can be:
......@@ -675,19 +675,19 @@ ldap <%= @name %> {
# The number of seconds to wait after the server tries
# to open a connection, and fails. During this time,
# no new connections will be opened.
retry_delay = <%= @retry_delay %>
retry_delay = <%= @retry_delay %>
# The lifetime (in seconds) of the connection
lifetime = <%= @lifetime %>
lifetime = <%= @lifetime %>
# Idle timeout (in seconds). A connection which is
# unused for this length of time will be closed.
idle_timeout = <%= @idle_timeout %>
idle_timeout = <%= @idle_timeout %>
# Connection timeout (in seconds). The maximum amount of
# time to wait for a new connection to be established.
# Sets LDAP_OPT_NETWORK_TIMEOUT in libldap.
connect_timeout = <%= @connect_timeout %>
connect_timeout = <%= @connect_timeout %>
# NOTE: All configuration settings are enforced. If a
# connection is closed because of 'idle_timeout',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment