add sample and schema yaml files

Lars Kanis 2011-05-24 08:06:08 +02:00
parent 5800f7cbc4
commit adab86a3f0
3 changed files with 109 additions and 2 deletions

45
config/sample-config.yaml Normal file

@ -0,0 +1,45 @@
# Connection parameters to LDAP server
# see also: http://net-ldap.rubyforge.org/Net/LDAP.html#method-c-new
ldap_connection:
host: localhost
port: 389
auth:
method: :simple
username: CN=username,OU=!Serviceaccounts,OU=company,DC=company,DC=de
password: secret
# Search parameters for LDAP users which should be synchronized
ldap_users:
base: OU=company,OU=company,DC=company,DC=de
filter: (&(objectClass=person)(objectClass=organizationalPerson)(givenName=*)(sn=*))
# this attribute is used as PG role name
name_attribute: sAMAccountName
# Search parameters for LDAP groups which should be synchronized
ldap_groups:
base: OU=company,OU=company,DC=company,DC=de
filter: (|(cn=cc.group1)(cn=group2)(cn=group3))
# this attribute is used as PG role name
name_attribute: cn
# this attribute must reference to all member DN's of the given group
member_attribute: member
# Connection parameters to PostgreSQL server
# see also: http://rubydoc.info/gems/pg/0.11.0/PGconn#initialize-instance_method
pg_connection:
host:
dbname: postgres
user: db-username
password:
pg_users:
# WHERE-condition to identify LDAP generated users
filter: rolcanlogin AND NOT rolsuper
create_options: LOGIN
pg_groups:
# WHERE-condition to identify LDAP generated groups
filter: NOT rolcanlogin
create_options: NOLOGIN
grant_options:
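Review bot: The sample `ldap_connection` pairs `method: :simple` with `port: 389` and no `encryption` key, so anyone copying it sends the service-account DN and password to the directory in cleartext. The block appears to be passed to Net::LDAP.new (per the linked docs), so the sample should show the TLS variant, e.g. `encryption: :simple_tls` with `port: 636`, plus a comment such as `# holds bind and DB passwords: keep this file readable by the sync account only`. Separately, `filter: rolcanlogin AND NOT rolsuper` under `pg_users` matches every non-superuser login role, not only LDAP-created ones. If the sync removes matching roles that are missing from LDAP (not visible on this page), locally created application roles would be affected, so the filter deserves a warning comment.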

62
config/schema.yaml Normal file

@ -0,0 +1,62 @@
type: map
mapping:
"ldap_connection":
type: any
required: yes
"ldap_users":
type: map
required: yes
mapping:
"base":
type: str
required: yes
"filter":
type: str
required: yes
"name_attribute":
type: str
required: yes
"ldap_groups":
type: map
required: yes
mapping:
"base":
type: str
required: yes
"filter":
type: str
required: yes
"name_attribute":
type: str
required: yes
"member_attribute":
type: str
required: yes
"pg_connection":
type: any
required: yes
"pg_users":
type: map
required: yes
mapping:
"filter":
type: str
required: yes
"create_options":
type: str
"pg_groups":
type: map
required: yes
mapping:
"filter":
type: str
required: yes
"create_options":
type: str
"grant_options":
type: str
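Review bot: `ldap_connection` and `pg_connection` are declared `type: any`, so the schema accepts a scalar, a list or a misspelled `auth`/`password` key, and the mistake surfaces only when the connection is opened. Tightening both to a map type, as far as the validator allows open-ended keys, would catch the wrong-shape case at load time. The `filter`, `create_options` and `grant_options` strings look like they end up in SQL text, since the sample config calls the filter a WHERE-condition, and a `str` rule cannot constrain that. A comment such as `# inserted verbatim into SQL; treat the config file as trusted, admin-only input` belongs on those keys.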


@ -61,7 +61,7 @@ class Application
name = entry[ldap_user_conf[:name_attribute]].first
unless name
log.warn "user attribute #{ldap_user_conf[:name_attribute].inspect} not found for #{entry.dn}"
log.warn "user attribute #{ldap_user_conf[:name_attribute].inspect} not defined for #{entry.dn}"
next
end
@ -86,7 +86,7 @@ class Application
name = entry[ldap_group_conf[:name_attribute]].first
unless name
log.warn "user attribute #{ldap_group_conf[:name_attribute].inspect} not found for #{entry.dn}"
log.warn "user attribute #{ldap_group_conf[:name_attribute].inspect} not defined for #{entry.dn}"
next
end
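Review bot: The warning in the second hunk (the group loop, reading `ldap_group_conf`) still says "user attribute", which looks copied from the user loop; both printed variants of the line carry it, so logs will attribute a missing group name attribute to a user. It should read `log.warn "group attribute #{ldap_group_conf[:name_attribute].inspect} not defined for #{entry.dn}"`. In both hunks `entry.dn` comes from the directory and is interpolated raw, unlike the attribute name; `#{entry.dn.inspect}` would keep unexpected characters in a DN from breaking or forging log lines. The enclosing loops start and end outside the hunks, and the page does not show this file's path.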