roundcube/rootfs/etc/confd/templates/password-config.inc.php.tmpl

50 lines
2.0 KiB
Cheetah

<?php
$config['password_driver'] = 'ldap_simple';
$config['password_confirm_current'] = true;
$config['password_require_nonalpha'] = false;
$config['password_hosts'] = null;
$config['password_force_save'] = true;
// Default password hashing/crypting algorithm.
// Possible options: des-crypt, ext-des-crypt, md5-crypt, blowfish-crypt,
// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, samba, ad, dovecot, clear.
// For details see password::hash_password() method.
$config['password_algorithm'] = 'clear';
$config['password_algorithm_prefix'] = '{CRYPT}';
$config['password_ldap_host'] = '{{getenv "LDAPHOST"}}';
$config['password_ldap_starttls'] = {{getenv "LDAPSTARTTLS"}};
$config['password_ldap_basedn'] = '{{getenv "LDAPBASEDN"}}';
// LDAP connection method
// There is two connection method for changing a user's LDAP password.
// 'user': use user credential (recommanded, require password_confirm_current=true)
// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
// Default: 'user'
$config['password_ldap_method'] = 'user';
// LDAP Admin DN
// Used only in admin connection mode
// Default: null
$config['password_ldap_adminDN'] = null;
// LDAP Admin Password
// Used only in admin connection mode
// Default: null
$config['password_ldap_adminPW'] = null;
// LDAP user DN mask
// The user's DN is mandatory and as we only have his login,
// we need to re-create his DN using a mask
// '%login' will be replaced by the current roundcube user's login
// '%name' will be replaced by the current roundcube user's name part
// '%domain' will be replaced by the current roundcube user's domain part
// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com'
$config['password_ldap_userDN_mask'] = '{{getenv "LDAPUSERDNMASK"}}';
$config['password_ldap_encodage'] = 'crypt';
$config['password_ldap_pwattr'] = '{{getenv "LDAPPASSWORDATTRIBUTE"}}';
$config['password_ldap_force_replace'] = true;