ldap.conf

This file is configured using XML syntax.

Parameters		Possible values	Description	Available from
as variable name in the config file	as environment variable with namespace "planta__server__" as prefix
ldap:context-source
`url`	`ldap__service__url`	ldaps://your.ldap.url:port	Url for DirectoryService, preceded by the protocol and ending with the port
`base`	`ldap__service__base`	ou=user,DC=ldap,DC=url	The base to start in the DirectoryService
`userDn`	`ldap__service__userDn`	maxservice@yourldap.url	A service user for the DirectoryService to have access to it
`password`	`ldap__service__password`	mysecretpassphrase	The password for the service user
`baseEnvironmentProperties`	`ldap__service__java__naming__ldap__attributes__binary`	Map	A list of properties that are passed on to LDAP. The listed attributes for the `java.naming.ldap.attributes.binary` key are read as binary values. If there is more than one attribute, they must be separated by spaces, e.g.: `<map>` `<entry key="java.naming.ldap.attributes.binary" value="objectGUID"/>` `</map>` In the case of the environment variable, only a String must be assigned, e.g. '`objectGUID'`	S 39.5.34
bean:ldapConfig
`ldapUserFilter`	`ldap__attributes__ldapUserFilter`	String	A hardcoded filter to narrow down the search area These are the recommended PLANTA groups to assign users to roles from the DirectoryService. Each of these groups references a role in PLANTA project: - PLANTAProject_Administrator - PLANTAProject_Employee - PLANTAProject_ProjectManager - PLANTAProject_MultiProjectManager - PLANTAProject_DepartmentManager - PLANTAProject_PortfolioManager - PLANTAProject_PMAdministrator
`ldapSearchScope`	`ldap__attributes__ldapSearchScope`	{SUBTREE / OBJECT / ONELEVEL}	The search scope for searches	S 39.5.34
`plantaUserData`	`ldap__attributes__plantaUserData`	Map	A list of all LDAP attributes that are written into the DB when a user logs in or by a query_user_data. They are listed as key - value pairs. The key that is flagged with `login` is used to authenticate the user. The key that is flagged with `uuid` is converted into an UUID String and serves to log the user in. At the moment, only text attributes are allowed, except for the `objectGUID` which is converted into a UUID String. For example: `<map>` `<entry key="userPrincipalName" value="login"/>` `<entry key="mail" value=""/>` `<entry key="sAMAccountName" value=""/>` `<entry key="sn" value=""/>` `<entry key="objectGUID" value="uuid"/>` `</map>` In the case of the environment variable a Array of Strings has to be assigned, e.g. `{'userPrincipalName=login','mail=','sAMAccountName=','distinguishedName=','objectGUID=uuid'}`	S 39.5.34
`ldapUserDN`		String	Attribute name that contains the distinguished name	Up to S 39.5.31
`ldapUserId`		String	Attribute name to add to the ldapUserFilter to search the user	Up to S 39.5.31
`plantaUserId`		String	Attribute name which contains the user name that is forwarded to the login method	Up to S 39.5.31
ldap:ldap-template
`search-scope`		{SUBTREE / ONELEVEL / OBJECT}	The search scope for searches	Up to S 39.5.31

Datenschutzhinweis