[SR-Dev] git:janakj/ldap: - latest version of the configuration file for ldap module

Jan Janak jan at iptel.org
Fri Feb 13 00:57:02 CET 2009 

Module: sip-router
Branch: janakj/ldap
Commit: 22de964d0177a19af48cdf53b2813cde0c8e1e09
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=22de964d0177a19af48cdf53b2813cde0c8e1e09

Author: Jan Janak <jan at iptel.org>
Committer: Jan Janak <jan at iptel.org>
Date:   Mon May 12 12:21:03 2008 +0000

- latest version of the configuration file for ldap module

---

 modules/db_ldap/ldap.cfg |   38 ++++++++++++++++++++++++++++++--------
 1 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/modules/db_ldap/ldap.cfg b/modules/db_ldap/ldap.cfg
index 596d37f..6e69119 100644
--- a/modules/db_ldap/ldap.cfg
+++ b/modules/db_ldap/ldap.cfg
@@ -1,9 +1,31 @@
+#
+# This is a configuration file for the LDAP module in SER. The configuration
+# file maps database table names used in SER to LDAP directory sub-trees to
+# be searched. In addition to that the configuration file also allows to
+# configure the LDAP search filter and maps database field names to
+# LDAP attribute names and vice versa.
+#
+
+# Table credentials contains SIP digest authentication credentials.
 [credentials]
-base="ou=Digest Credentials,dc=iptel,dc=org"
-scope=sub
-filter="(objectClass=digestAuthCredentials)"
-field=password:digestPassword
-field=realm:digestRealm
-field=auth_username:digestUsername
-field=uid:serUID
-field=flags:serFlags
+
+# In our LDAP directory we store SIP digest credentials under 
+# "Digest Credentials" organization unit so this is where searches for digest 
+# credentials should start.
+base = "ou=Digest Credentials,dc=iptel,dc=org"
+
+# We search all the children but not the ou object itself.
+scope = children
+
+# For digest credentials we are only interested in objects with objectClass 
+# 'digestAuthCredentials', objects of all other types are ignored.
+filter = "(objectClass=digestAuthCredentials)"
+
+# Mapping of field names to LDAP attribute names and vice versa. Names are
+# delimited using ':', the first name is database field name as used in SER
+# modules, the second name (after :) is corresponding LDAP attribute name.
+field_map = password : digestPassword
+field_map = realm : digestRealm
+field_map = auth_username : digestUsername
+field_map = uid : serUID
+field_map = flags : serFlags

More information about the sr-dev mailing list