COM-FSM

LDAP Server

Page last modified 04:18, 11 Jul 2013 by kgirrard

    Version as of 11:25, 24 Oct 2025

    Information about the LDAP server is managed on the Organization form and described in detail below.

    Use LDAP - If integration with an LDAP server is desired, this must be checked and the remainder of the information supplied.

    Server URL - The LDAP protocol URL that identifies the server that should be queried and updated. The LDAP server can reside on the same host as the database (localhost) or be on another system.

    Auth CN - The common name (CN) identifying a user with access to query and update records within the LDAP database (when used for authentication, this CN is combined only with the Base DN). This can be any configured LDAP user, but must have size and time limits set to "unlimited." For OpenLDAP's slapd.conf file this can be accomplished with something similar to:

    # Override limits for SIS integration user
    limits dn.exact="cn=SISUser,dc=comfsm,dc=fm" size=unlimited time=unlimited

    When using the account identified as the rootdn within LDAP, the size and time limits are unlimited by default, so no additional configuration would be necessary.

    Password - The password used when connecting to LDAP as the Auth CN user.

    Base DN - The distinguished name that all managed data is a child of.

    Group DN - The full DN where group information is stored. Groups are stored using the posixGroup object class.

    Mailing list support is provided with a combination of sendmail's LDAP integration and a script (wrapper) to handle security of messages sent to mailing lists. Configuration within the SIS describes where data is placed in the LDAP hierarchy, and how sendmail should locate alias information. See LDAP for Aliases, Maps, and Classes for more information on sendmail integration with LDAP.

    MTA Alias DN - The full DN where alias information is stored. Alias support is based on sendmail's built-in map specification.

    MTA Alias Match - Sendmail queries LDAP either by hostname or with a configured cluster name. When matching as Host you must specify the hostname of the mail server. When matching as Cluster, specify a cluster name that matches the name configured in sendmail (example shows configuration in sendmail.mc):

    define(`confLDAP_CLUSTER', `MailCluster')dnl
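
The Host versus Cluster matching described above, as an added example that is not part of the original page or of the SIS: it builds the alias search filter in the shape of sendmail's stock LDAP alias lookup and shows which entries a given mail server would see. The attribute names come from sendmail's LDAP schema; the hostnames, alias entries and the `resolve` stand-in for the directory search are constructed for illustration.

```python
# Added example (not SIS code). Attribute names and filter shape follow
# sendmail's stock alias schema; hosts and alias values are constructed.

def escape_filter_value(value):
    """RFC 4515 escaping so a key or name cannot change the filter structure."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def alias_filter(key, host, cluster=None):
    """Search filter for one alias key as seen from one mail server."""
    scope = "(sendmailMTAHost=%s)" % escape_filter_value(host)
    if cluster:  # simplification: no cluster clause when none is configured
        scope = "(|(sendmailMTACluster=%s)%s)" % (escape_filter_value(cluster), scope)
    return ("(&(objectClass=sendmailMTAAliasObject)"
            "(sendmailMTAAliasGrouping=aliases)%s(sendmailMTAKey=%s))"
            % (scope, escape_filter_value(key)))

def _has(entry, attr, wanted):
    # Case-insensitive comparison (assumed caseIgnoreMatch attributes).
    return wanted is not None and entry.get(attr, "").lower() == wanted.lower()

def resolve(entries, key, host, cluster=None):
    """Local stand-in for the LDAP search: values of entries the filter selects."""
    hits = []
    for e in entries:
        in_scope = _has(e, "sendmailMTAHost", host) or (
            bool(cluster) and _has(e, "sendmailMTACluster", cluster))
        if (e.get("objectClass") == "sendmailMTAAliasObject"
                and e.get("sendmailMTAAliasGrouping") == "aliases"
                and in_scope and _has(e, "sendmailMTAKey", key)):
            hits.extend(e["sendmailMTAAliasValue"])
    return hits

def entry(key, values, **scope):
    """Build one constructed alias entry scoped to a host or a cluster."""
    return dict(objectClass="sendmailMTAAliasObject", sendmailMTAAliasGrouping="aliases",
                sendmailMTAKey=key, sendmailMTAAliasValue=values, **scope)

# Constructed sample data: one cluster-wide alias, two host-specific ones.
ENTRIES = [
    entry("staff", ["alice", "bob"], sendmailMTACluster="MailCluster"),
    entry("staff", ["carol"], sendmailMTAHost="mail2.example.org"),
    entry("lab", ["dave"], sendmailMTAHost="mail1.example.org"),
]

if __name__ == "__main__":
    print(alias_filter("staff", "mail1.example.org", "MailCluster"))
    print(resolve(ENTRIES, "staff", "mail1.example.org", "MailCluster"))
    print(resolve(ENTRIES, "staff", "mail1.example.org"))
```

An alias stored with a cluster name resolves only on servers whose sendmail configuration defines the same cluster, so a mismatch between the MTA Alias Match value and `confLDAP_CLUSTER` shows up as aliases that silently fail to resolve.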