summaryrefslogtreecommitdiff
path: root/docs/modules.conf.example
diff options
context:
space:
mode:
authorPierre Carrier <pierre@spotify.com>2011-09-14 15:24:55 +0200
committerPierre Carrier <pierre@spotify.com>2012-04-10 22:36:05 +0200
commit16cbb628161960eb87d5b2e8bdd62842b8eb0723 (patch)
tree4d0c3757d071c33d10c121c8ce7e1b38d4b37f79 /docs/modules.conf.example
parent418b77dd9d87600cefa74cac38f4becc4c98a026 (diff)
extras/m_ldapauth: CIDR-based whitelisting
Offer host-based whitelisting in the ldap module. Used to trust clients from internal networks, whilst requiring authentication from "outsiders".
Diffstat (limited to 'docs/modules.conf.example')
-rw-r--r--docs/modules.conf.example10
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/modules.conf.example b/docs/modules.conf.example
index 8ae47d81f..21ee3d829 100644
--- a/docs/modules.conf.example
+++ b/docs/modules.conf.example
@@ -960,6 +960,8 @@
# bindauth="mysecretpass" #
# verbose="yes"> #
# #
+# <ldapwhitelist cidr="10.42.0.0/16"> #
+# #
# The baserdn indicates the base DN to search in for users. Usually #
# this is 'ou=People,dc=yourdomain,dc=yourtld'. #
# #
@@ -987,6 +989,14 @@
# allow anonymous searching in which case these two values do not #
# need defining, otherwise they should be set similar to the examples #
# above. #
+# #
+# ldapwhitelist indicates that clients connecting from an IP in the #
+# provided CIDR do not need to authenticate against LDAP. It can be #
+# repeated to whitelist multiple CIDRs. #
+
+# ldapwhitelist indicates that clients connecting from the associated #
+# CIDR do to authenticate against LDAP. It can be used multiple #
+# times. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# LDAP oper configuration module: Adds the ability to authenticate #