<% ldap_server = "ldap-master.#{domain}" ldap_account = "cn=catdap-#{hostname},ou=System Accounts,#{dc_suffix}" %> organisation: Mageia apptitle: Mageia Identity Management emailfrom: noreply@<%= domain %> Model::Proxy: base: ou=People,<%= dc_suffix %> dn: <%= ldap_account %> password: <%= scope.lookupvar("catdap::ldap_password") %> Model::User: base: <%= dc_suffix %> host: <%= ldap_server %> start_tls: 1 authentication: default_realm: ldap realms: ldap: store: ldap_server: <%= ldap_server %> binddn: <%= ldap_account %> bindpw: <%= scope.lookupvar("catdap::ldap_password") %> user_basedn: ou=People,<%= dc_suffix %> role_basedn: <%= dc_suffix %> register: login_regex: ^[a-z][a-z0-9]*$ login_blacklist: - abuse - apache - bcd - hostmaster - iurt - listmaster - MAILER-DAEMON - mirror - noc - postmaster - president - schedbot - secretary - security - signbot - treasurer - webmaster - www email_domain_blacklist: - armyspy.com - bitmessage.ch - codehot.co.uk - crazymailing.com - dayrep.com - group.mageia.org - grr.la - guerrillamail.biz - guerrillamail.com - guerrillamail.de - guerrillamail.info - guerrillamail.net - guerrillamail.org - guerrillamailblock.com - jourrapide.com - ml.mageia.org - namecheap.com - pokemail.net - rhyta.com - runbox.com - sharklasers.com - spam4.me - vmani.com - wowring.ru - yopmail.com - zasod.com Controller::User: editable_attrs: - cn - sn - givenName - mobile - mailForwardingAddress - preferredLanguage uneditable_attrs: - uid - uidNumber - gidNumber - homeDirectory - mail - sshPublicKey - loginShell skip_attrs: - objectClass - krb5Key - sambaMungedDial - sambaPasswordHistory - userPassword - sambaLMPassword - sambaNTPassword - sambaPwdMustChange - sambaSID - sambaPrimaryGroupSID - sambaAcctFlags - sambaPwdCanChange - sambaPwdLastSet - sambaKickOffTime - sambaUserWorkstations - sambaLogonTime - krb5KeyVersionNumber - krb5PasswordEnd - krb5MaxLife - krb5MaxRenew - krb5KDCFlags - shadowLastChange - roomNumber - secretary