|
Node Director
|
The "ldapauth" domain template allows writing user account information into an arbitrary target database, e.g. an LDAP tree. It is called ldapauth since the idea behind is that the replicated user information is used for authentication purposes by some secondary system that one does not want to directly access the main database, e.g. because it is located in a DMZ.
The template understands the following configuration options:
Specification which users shall appear in the target database. This is the same as sfiassigneduser.
The URI of the target database. See Database URIs. Though the template's name contains ldap, this need not necessarily be an LDAP accessible database.
If set, the user records class inherited attributes are expanded before replication.
If set, folder information is removed from user records, thus the target structure does not need to have a folder structure at all.
If set, the specified schema is applied before replication, possibly removing or adding attributes that should be invisible/visible on the target.
1.8.1.2