# A Perforce Ldap Configuration Specification.
#
# Name: The LDAP configuration name.
# Host: The FQDN of the directory server.
# Port: The port number on which to connect to the directory server.
# Encryption: The encryption method to use when connecting to the
# directory server. Options are: 'none', 'ssl' and 'tls'.
# BindMethod: The bind method to use with this directory. Options are:
# 'simple', 'search' and 'sasl'.
# Options: LDAP Options:
# [no]downcase [no]getattrs [no]realminusername
#
# The following field only applies to the 'simple' bind method.
#
# SimplePattern: This is the DN which will be used to bind against to
# validate the user's credentials. The %user% placeholder
# will be replaced with the user's userId.
#
# The following fields only apply to the 'search' bind method; however they
# may also be used by 'p4 ldapsync' and for user creation with 'p4 login'.
#
# SearchBaseDN: The DN from which to start the search for the user object.
# SearchFilter: The LDAP query filter to use to identify the user object
# which will be used to bind against. The %user% placeholder
# will be replaced with the user's userId.
# SearchScope: The scope to use when searching for the user records.
# Options are:
# baseonly - Just the BaseDN object
# children - The BaseDN and its direct children
# subtree - The BaseDN and all objects below it
# SearchBindDN: The DN to bind against in order to search the directory.
# SearchPasswd: The password for the BindDN record.
#
# The following field only applies to the 'sasl' bind method.
#
# SaslRealm: The optional realm to use when authenticating the user via SASL.
#
# The following fields are related to group membership within the directory.
# Set 'GroupSearchFilter' if users must belong to a specific group within
# the directory. The remaining two fields may also be used by 'p4 ldapsync'.
#
# GroupSearchFilter: The filter to use for the group search.
# GroupBaseDN: The search base for performing the group search. If unset
# this will default to the SearchBaseDN.
# GroupSearchScope: The scope to use when performing the group search.
# Options are:
# baseonly - Just the BaseDN object
# children - The BaseDN and its direct children
# subtree - The BaseDN and all objects below it
#
# The following fields are used to populate new user specifications created
# with 'p4 login' when the 'auth.ldap.userautocreate' configurable is set
# to to 1 and the 'getattrs' option is enabled.
#
# AttributeUid: The name of the attribute in the directory's user
# records that contain the users' UIDs.
# AttributeName: The name(s) of the attribute(s) in the directory's user
# records that contain the users' full names.
# AttributeEmail: The name of the attribute in the directory's user
# records that contain the users' email addresses.
#
# Use 'p4 help ldap' to see more about ldap specification.
Name: ldap_test
Host: 192.168.33.253
Port: 389
Encryption: none
BindMethod: search
Options: nodowncase nogetattrs norealminusername
SearchBaseDN: dc=example,dc=com
SearchFilter: (&(objectClass=User)(cn=%user%))
SearchScope: subtree
SearchBindDN: cn=admin,dc=example,dc=com
SearchPasswd: ******
GroupSearchScope: subtree
AttributeUid: sAMAccountName
AttributeName: displayName
AttributeEmail: mail