YPLDAP.CONF(5)            FreeBSD File Formats Manual           YPLDAP.CONF(5)

NAME
     ypldap.conf - LDAP YP map daemon configuration file

DESCRIPTION
     The ypldap(8) daemon provides YP maps using LDAP as a backend.

SECTIONS
     The ypldap.conf config file is divided into three main sections.

     Macros
           User-defined variables may be defined and used later, simplifying
           the configuration file.

     Global Configuration
           Global settings for ypldap(8).

     Directories
           LDAP Directory specific parameters.

MACROS
     Much like cpp(1) or m4(1), macros can be defined that will later be
     expanded in context.  Macro names must start with a letter, digit, or
     underscore, and may contain any of those characters.  Macro names may not
     be reserved words (for example, domain).  Macros are not expanded inside
     quotes.

     For example:

           fixed_gecos="Pulled from LDAP"

           fixed attribute gecos $fixed_gecos

GLOBAL CONFIGURATION
     Global settings concern the main behaviour of the daemon.

     domain string
             Specify the name of the NIS domain ypldap.conf will provide.
     interval seconds
             Specify the interval in seconds at which the whole directory will
             be pulled from LDAP.
     provide map string
             Specify a map that should be provided by ypldap.conf The
             currently implemented maps are: passwd.byname, passwd.byuid,
             group.byname, group.bygid.

DIRECTORIES
     Directories are used to describe the LDAP schema and help ypldap.conf
     convert LDAP entries to passwd(5), master.passwd(5), and group(5) lines.
     A directory declaration is of the following form:

           directory "some.host" {
                   # directives
           }

     Valid directives for directories are:

     attribute name maps to string
             Map the passwd(5), master.passwd(5), or group(5) attribute to the
             LDAP attribute name supplied.

     basedn string
             Use the supplied search base as starting point for the directory
             search.

     groupdn string
             Use the supplied search base as starting point for the directory
             search for groups.  If not supplied, the basedn value will be
             used.

     bindcred string
             Use the supplied credentials for simple authentication against
             the directory.

     binddn string
             Use the supplied Distinguished Name to bind to the directory.

     fixed attribute attribute string
             Do not retrieve the specified attribute from LDAP but instead set
             it unconditionally to the supplied value for every entry.

     group filter string
             Use the supplied LDAP filter to retrieve group entries.

     list name maps to string
             Map the passwd(5), master.passwd(5), or group(5) attribute to the
             LDAP attribute name supplied.  A list creates a comma separated
             list of all the LDAP attributes found.

             Valid attributes are:

                   name
                   passwd
                   uid
                   gid
                   gecos
                   home
                   shell
                   change
                   expire
                   class
                   groupname
                   grouppasswd
                   groupgid
                   groupmembers

     passwd filter string
             Use the supplied LDAP filter to retrieve password entries.

FILES
     /etc/ypldap.conf  ypldap(8) configuration file.
     /usr/share/examples/ypldap/ypldap.conf
                       ypldap(8) configuration file example.

SEE ALSO
     ypbind(8), ypldap(8), ypserv(8)

HISTORY
     The ypldap.conf file format first appeared in OpenBSD 4.4.

FreeBSD 13.1-RELEASE-p6         March 22, 2020         FreeBSD 13.1-RELEASE-p6