...
Code Block |
---|
<bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration"> ... <property name="ldapConfiguration" ref="ldapConfiguration" /> ... </bean> |
Common Service Configuration Parameters
Parameter | Default value | Description |
---|---|---|
enabled | true | Whether this service is enabled. |
ipPort | 389 | The IP port for this service. |
ipAddress | No default. | The IP address for this service. |
searchBaseDn | "ou=users,dc=example,dc=com" | The single location where users are stored. If this property is not set the store will search the system partition configuration for catalog entries. Catalog support is highly experimental and is only tested in the OSGi build of ApacheDS using the Config Admin service. |
initialContextFactory | "org.apache.directory.server.core.jndi.CoreContextFactory" | The JNDI initial context factory to use. |
securityAuthentication | "simple" | The authentication mechanism to use for establishing a JNDI context. |
securityPrincipal | "uid=admin,ou=system" | The principal to use for establishing a JNDI context. |
securityCredentials | "secret" | The credentials to use for establishing a JNDI context. |
serviceName | Apache LDAP Service | The friendly name of this service. |
servicePid | org.apache.directory.server.ldap | The PID for this service. A PID is a unique identifier for an instance of a service. PID's are used by OSGi's Config Admin service to dynamically inject configuration into a service when the service is started. |
catalogBaseDn | No default. | The single location where catalog entries are stored. A catalog entry is a mapping of a realm (or zone for DNS) to a search base DN. If this property is not set the store will expect a single search base DN to be set. Catalog support is highly experimental and is only tested in the OSGi build of ApacheDS using the Config Admin service. |
LDAP-Specific Configuration Parameters
Parameter | Default value | Description |
---|---|---|
allowAnonymousAccess | true | Whether to allow anonymous access. |
maxSizeLimit | 100 | The maximum size limit. |
maxTimeLimit | 10000 | The maximum time limit. |
enableLdaps | false | Whether LDAPS is enabled. |
ldapsCertificateFile | server-work/certificates/server.cert | The path to the certificate file. |
ldapsCertificatePassword | changeit | The certificate password. |
extendedOperationHandlers | No default. | The extended operation handlers. |
supportedMechanisms | SIMPLE, CRAM-MD5, DIGEST-MD5, GSSAPI | The supported authentication mechanisms. |
saslHost | ldap.example.com | The name of this host, validated during SASL negotiation. |
saslPrincipal | ldap/ldap.example.com@EXAMPLE.COM | The service principal, used by GSSAPI. |
saslQop | auth, auth-int, auth-conf | The quality of protection (QoP), used by DIGEST-MD5 and GSSAPI. |
saslRealms | example.com | The list of realms serviced by this host. |