# This is the configuration file for the script mirror_ldap_groups.pl. # # This file should exist in the same folder as the mirror_ldap_groups.pl # script. It should have 600 permissions, and be owned by the # Unix account that Perforce runs as. # # The following are name/value pairs. The first space (' ') on # the line, going from left to right, is the delimiter. # # Define a static 'bind' account that has enough access within # AD verify existence of users, and read AD group data. # Provide a userid and AD password. These must be defined. LDAP_BIND_USER ad_bind_service_user LDAP_BIND_PASSWORD S3cr3tP@ssw0rd # Define the DN string. Your resident AD expert can help # provide this. LDAP_READ_DN DC=ldap,DC=mycompany,DC=com # Define a default email domain, just in case the AD query for # a user's email comes up blank. This is used to guess the # user's email domain as 'userid@<default_email_domain>'. DEFAULT_EMAIL_DOMAIN mycompany.com # If these optional values are defined, they don't need to be # provided on the command line. The AD_GROUPS value may # list a single group or a comma-delimited list of groups. LDAP_HOST ldap.mycompany.com LDAP_PORT 389 LDAP_GROUPS p4.users,p4.admins
Refinements to @27712:
* Resolved one out-of-date file (verify_sdp.sh).
* Added missing adoc file for which HTML file had a change (WorkflowEnforcementTriggers.adoc).
* Updated revdate/revnumber in *.adoc files.
* Additional content updates in Server/Unix/p4/common/etc/cron.d/ReadMe.md.
* Bumped version numbers on scripts with Version= def'n.
* Generated HTML, PDF, and doc/gen files:
- Most HTML and all PDF are generated using Makefiles that call an AsciiDoc utility.
- HTML for Perl scripts is generated with pod2html.
- doc/gen/*.man.txt files are generated with .../tools/gen_script_man_pages.sh.
Removing Deprecated folder - if people want it they can look at past history!
All functions have been replaced with standard functionality such as built in LDAP,
or default change type.
Documentation added for the contents of Unsupported folder.
Changes to scripts/triggers are usually to insert tags for inclusion in ASCII Doctor docs.
Reviving LDAP group mirroring scripts, refactored into a different
These were deleted because the built-in LDAP authentication mechanism
provides a fully supported solution with similar functionality, and
since using built-in features is preferred for customers with no
compelling reason to use a custom solution.
However, some customers require Two Factor Authentication, and that
can only be achieved with old-school external authentication triggers
and supplemental custom automation.
This change introduces a new /p4/common/custom folder, with an 'auth'
subfolder as the first example of a custom module. This folder is
intended to be for things that are to be distributed with SDP, but are
for customers with specific requirements that are not expected to be
The SDP solution would be an interim to provide a two-factor authentication
option until such time as that can be offered in the server. As of July 2016,
adding built-in support for two-factor authentication is not on the Helix
Versioning Engine product roadmap (job048959).
|#1||10148||tom_tyler||Promoted the Perforce Server Deployment Package to The Workshop.|