diff --git a/rootfs/etc/confd/templates/password-config.inc.php.tmpl b/rootfs/etc/confd/templates/password-config.inc.php.tmpl index 8a606e8..38d80ef 100644 --- a/rootfs/etc/confd/templates/password-config.inc.php.tmpl +++ b/rootfs/etc/confd/templates/password-config.inc.php.tmpl @@ -6,43 +6,15 @@ $config['password_require_nonalpha'] = false; $config['password_hosts'] = null; $config['password_force_save'] = true; -// Default password hashing/crypting algorithm. -// Possible options: des-crypt, ext-des-crypt, md5-crypt, blowfish-crypt, -// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, samba, ad, dovecot, clear. -// For details see password::hash_password() method. -$config['password_algorithm'] = 'clear'; - +$config['password_algorithm'] = 'sha512-crypt'; $config['password_algorithm_prefix'] = '{CRYPT}'; $config['password_ldap_host'] = '{{getenv "LDAPHOST"}}'; +$config['password_ldap_port'] = '389'; +$config['password_ldap_version'] = '3'; $config['password_ldap_starttls'] = {{getenv "LDAPSTARTTLS"}}; $config['password_ldap_basedn'] = '{{getenv "LDAPBASEDN"}}'; - -// LDAP connection method -// There is two connection method for changing a user's LDAP password. -// 'user': use user credential (recommanded, require password_confirm_current=true) -// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW) -// Default: 'user' $config['password_ldap_method'] = 'user'; - -// LDAP Admin DN -// Used only in admin connection mode -// Default: null -$config['password_ldap_adminDN'] = null; - -// LDAP Admin Password -// Used only in admin connection mode -// Default: null -$config['password_ldap_adminPW'] = null; - -// LDAP user DN mask -// The user's DN is mandatory and as we only have his login, -// we need to re-create his DN using a mask -// '%login' will be replaced by the current roundcube user's login -// '%name' will be replaced by the current roundcube user's name part -// '%domain' will be replaced by the current roundcube user's domain part -// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" -// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com' $config['password_ldap_userDN_mask'] = '{{getenv "LDAPUSERDNMASK"}}'; $config['password_ldap_encodage'] = 'crypt';