# This is the configuration file for the script mirror_ldap_groups.pl. # # This file should exist in the same folder as the mirror_ldap_groups.pl # script. It should have 600 permissions, and be owned by the # Unix account that Perforce runs as. # # The following are name/value pairs. The first space (' ') on # the line, going from left to right, is the delimiter. # # Define a static 'bind' account that has enough access within # AD verify existence of users, and read AD group data. # Provide a userid and AD password. These must be defined. LDAP_BIND_USER ad_bind_service_user LDAP_BIND_PASSWORD S3cr3tP@ssw0rd # Define the DN string. Your resident AD expert can help # provide this. LDAP_READ_DN DC=ldap,DC=mycompany,DC=com # Define a default email domain, just in case the AD query for # a user's email comes up blank. This is used to guess the # user's email domain as 'userid@<default_email_domain>'. DEFAULT_EMAIL_DOMAIN mycompany.com # If these optional values are defined, they don't need to be # provided on the command line. The AD_GROUPS value may # list a single group or a comma-delimted list of groups. LDAP_HOST ldap.mycompany.com LDAP_PORT 389 LDAP_GROUPS p4.users,p4.admins
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#2 | 26681 | Robert Cowham |
Removing Deprecated folder - if people want it they can look at past history! All functions have been replaced with standard functionality such as built in LDAP, or default change type. Documentation added for the contents of Unsupported folder. Changes to scripts/triggers are usually to insert tags for inclusion in ASCII Doctor docs. |
||
#1 | 19921 | C. Thomas Tyler |
Reviving LDAP group mirroring scripts, refactored into a different directory. These were deleted because the built-in LDAP authentication mechanism provides a fully supported solution with similar functionality, and since using built-in features is preferred for customers with no compelling reason to use a custom solution. However, some customers require Two Factor Authentication, and that can only be achieved with old-school external authentication triggers and supplemental custom automation. This change introduces a new /p4/common/custom folder, with an 'auth' subfolder as the first example of a custom module. This folder is intended to be for things that are to be distributed with SDP, but are for customers with specific requirements that are not expected to be broadly applicable. The SDP solution would be an interim to provide a two-factor authentication option until such time as that can be offered in the server. As of July 2016, adding built-in support for two-factor authentication is not on the Helix Versioning Engine product roadmap (job048959). |
||
//guest/perforce_software/sdp/dev/Server/Unix/p4/common/bin/mirror_ldap_groups.cfg | |||||
#1 | 10638 | C. Thomas Tyler | Populate perforce_software-sdp-dev. | ||
//guest/perforce_software/sdp/main/Server/Unix/p4/common/bin/mirror_ldap_groups.cfg | |||||
#1 | 10148 | C. Thomas Tyler | Promoted the Perforce Server Deployment Package to The Workshop. |