Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SPLAT.CONF(5)			Splat Man Pages			 SPLAT.CONF(5)

NAME
       splat.conf - Scalable Periodic LDAP Attribute Transmogrifier
       configuration file

INTRODUCTION
       The Splat configuration file is composed	of three different section
       types:

       o   LDAP	Configuration

       o   Service Helper Configuration

       o   Logging Configuration

       The configuration uses an Apache-style syntax:

	   <LDAP>
	       # The LDAP Server configuration.
	       # URI of	the server(s)
	       URI	   ldaps://ldap1.example.com
	       # The default search base for the server
	       BaseDN	   dc=example,dc=com
	   </LDAP>

LDAP CONFIGURATION
       The LDAP	section	defines	connection parameters for your LDAP server,
       and may appear once within a Splat configuration	file. If you make use
       of SSL/TLS, you will need to ensure that	the appropriate	settings are
       enabled in your system ldap.conf	(e.g.  TLS_CACERT or TLS_CACERTDIR, if
       necessary).

   LDAP	Configuration Options
       URI
	   URI of the LDAP server(s).

       BaseDN
	   Default Search Base DN.

       BindDN
	   LDAP	Bind DN. If omitted, Slap will use an anonymous	bind.

       Password
	   LDAP	Bind Password.

LOGGING	CONFIGURATION
       The Logging section configures logging for the Splat daemon. It is
       composed	of any number of syslog	or logfile subsections and a global
       Level setting.

       Level
	   Log Verbosity. One of: debug, info, warning,	error, critical

   Syslog Configuration	Options
       Facility
	   Syslog Facility.

       Address
	   Address of syslog server, or	pathname to syslog socket. This	varies
	   between hosts. FreeBSD's syslog socket is located at	/var/run/log,
	   while Linux systems often use /dev/log.

   Logfile Configuration Options
       Path
	   Path	to log file, or	reference to Python file object	such as
	   STDOUT.

SERVICE	HELPER CONFIGURATION
       The Service section configures Splat's service helper modules. It is
       composed	service-specific settings, including any number	of Option, and
       Group subsections. Group	and Service names (such	as UserSSH or
       Administrators) must be unique within their scope, but are not
       interpreted by Splat in any other way.

       Option subsections may be specified in both the Service section and the
       Group subsection. Options are used to set and unset helper-specific
       settings. Module	options	are documented in the module-specific
       documentation. Example:

	   <Option mingid>
	     # Do not write keys for users with	a GID less than	mingid
	     Value 1000
	   </Option>

	   # Unset the Command option
	   <Option command/>

   Service Configuration Options
       Helper
	   Python Helper Module. Example: splat.helpers.sshPublicKeys

       Frequency
	   Frequency at	which helper is	invoked. Units may be specified	in
	   hours (h), minutes (m), or seconds (s).

       SearchBase
	   LDAP	search base. If	left unspecified, defaults to the BaseDN
	   specified in	the LDAP configuration section.

       SearchFilter
	   LDAP	search filter. All records that	match this filter (and,
	   optionally, are members of a	permitted group) will be passed	to the
	   service helper module.

       RequireGroup (yes/no)
	   Require that	returned entries match one of the specified Groups.

   Group Configuration Options
       SearchBase
	   LDAP	search base. If	left unspecified, defaults to the BaseDN
	   specified in	the LDAP configuration section.

       SearchFilter
	   LDAP	search filter. All records that	match this filter will
	   determine this groups membership. The filter	should return
	   groupOfUniqueNames or groupOfNames objects. I suggest using
	   RFC2307bis to combine posixGroup and	groupOfUniqueName.

       MemberAttribute
	   LDAP	attribute used to store	member DNs. Defaults to	uniqueMember.

EXAMPLES
       An example configuration	file splat.conf	is included with the Splat
       source.

SEE ALSO
       splatd(8) ldap.conf(5)

       http://code.google.com/p/splatd.

AUTHORS
       Nick Barkas <snb@threerings.net>
	   Author.

       Landon Fuller <landonf@threerings.net>
	   Author.

COPYRIGHT
				  2006-05-14			 SPLAT.CONF(5)

NAME | INTRODUCTION | LDAP CONFIGURATION | LOGGING CONFIGURATION | SERVICE HELPER CONFIGURATION | EXAMPLES | SEE ALSO | AUTHORS | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=splat.conf&sektion=5&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help