+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# LDAP authentication module: Adds the ability to authenticate users #
+# via LDAP. This is an extra module which must be enabled explicitly #
+# by symlinking it from modules/extra, and requires the OpenLDAP libs #
+# #
+#<module name="m_ldapauth.so"> #
+# #
+# Configuration: #
+# #
+# <ldapauth baserdn="ou=People,dc=brainbox,dc=cc" #
+# attribute="uid" #
+# server="ldap://brainwave.brainbox.cc" #
+# allowpattern="Guest*" #
+# killreason="Access denied" #
+# searchscope="subtree" #
+# binddn="cn=Manager,dc=brainbox,dc=cc" #
+# bindauth="mysecretpass" #
+# verbose="yes"> #
+# #
+# The baserdn indicates the base DN to search in for users. Usually #
+# this is 'ou=People,dc=yourdomain,dc=yourtld'. #
+# #
+# The attribute value indicates the attribute which is used to locate #
+# a user account by name. On POSIX systems this is usually 'uid'. #
+# #
+# The server parameter indicates the LDAP server to connect to. The #
+# ldap:// style scheme before the hostname proper is MANDITORY. #
+# #
+# The allowpattern value allows you to specify a wildcard mask which #
+# will always be allowed to connect regardless of if they have an #
+# account, for example guest users. #
+# #
+# Killreason indicates the QUIT reason to give to users if they fail #
+# to authenticate. #
+# #
+# The searchscope value indicates the subtree to search under. On our #
+# test system this is 'subtree'. Your mileage may vary. #
+# #
+# Setting the verbose value causes an oper notice to be sent out for #
+# every failed authentication to the server, with an error string. #
+# #
+# The binddn and bindauth indicate the DN to bind to for searching, #
+# and the password for the distinguished name. Some LDAP servers will #
+# allow anonymous searching in which case these two values do not #
+# need defining, otherwise they should be set similar to the examples #
+# above. #
+