summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrebortg <github@ghlr.de>2019-05-12 11:42:07 +0200
committerrebortg <github@ghlr.de>2019-05-12 11:42:07 +0200
commit60fbdfa07e0961b41f9281e30332f3986389f35f (patch)
tree7263e73544991629dc9d1480458e8406b5c1f181
parentd819f17a996c0a3f41b9660d2580055854a3bac2 (diff)
downloadvyos-documentation-60fbdfa07e0961b41f9281e30332f3986389f35f.tar.gz
vyos-documentation-60fbdfa07e0961b41f9281e30332f3986389f35f.zip
add explanation of ldap parameter
-rw-r--r--docs/services/webproxy.rst12
1 files changed, 9 insertions, 3 deletions
diff --git a/docs/services/webproxy.rst b/docs/services/webproxy.rst
index 096a80cd..75f9993a 100644
--- a/docs/services/webproxy.rst
+++ b/docs/services/webproxy.rst
@@ -90,11 +90,11 @@ Directory as authentication backend. Queries are done via LDAP.
children 5
credentials-ttl 60
ldap {
- base-dn DC=rgtest,DC=local
- bind-dn CN=proxyuser,CN=Users,DC=rgtest,DC=local
+ base-dn DC=example,DC=local
+ bind-dn CN=proxyuser,CN=Users,DC=example,DC=local
filter-expression (cn=%s)
password Qwert1234
- server 192.168.188.201
+ server ldap.example.local
username-attribute cn
}
method ldap
@@ -105,6 +105,12 @@ Directory as authentication backend. Queries are done via LDAP.
listen-address 192.168.188.103 {
disable-transparent
}
+
+* ``base-dn`` set the base directory for the search
+* ``bind-dn`` and ``password``: set the user, which is used for the ldap search
+* ``filter-expression``: set the exact filter which a authorized user match in a ldap-search. In this example every User is able to authorized.
+
+You can find more about the ldap authentication `here <http://www.squid-cache.org/Versions/v3/3.2/manuals/basic_ldap_auth.html>`_
Adjusting cache size
^^^^^^^^^^^^^^^^^^^^