In the [LDAP] section, settings to establish and maintain interaction between Dr.Web MailD and LDAP server are specified:
Lib = {path to file} |
Path to OpenLDAP library version 2.0 or later. Library must be built with thread support (that is, "_r" suffix must be present in the file name). Library is located using dlopen system call (please refer to the corresponding documentation). In the current version this parameter cannot be changed with SIGHUP signal, restart of Dr.Web MailD is required. |
|---|---|
Default value: Lib = /usr/lib/libldap_r.so |
|
Please note that when using libldap_r.so library in FreeBSD 6.4/amd64 the following error may occur: Undefined symbol "gethostbyname_r" |
Hostname = {string} |
LDAP server hostname. If the parameter value is not specified, localhost is used. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Hostname = |
Port = {numerical value} |
LDAP server port. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Port = 389 |
Timeout = {time} |
Timeout for LDAP requests. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Timeout = 10s |
Version = {string} |
LDAP protocol version. To enable secure data transfer with TLS/SSL, use LDAP protocol version 3 or later. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Version = 3 |
Bind = {logical} |
Enables binding before making requests. For LDAP protocol version 3, binding is not necessary. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Bind = No |
BindDn = {string} |
Unique name for binding. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: BindDn = |
BindPw = {string} |
Password used for binding. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: BindPw = |
SearchBase = {string} |
Base DN to start search from (RFC2253). |
|---|---|
Default value: SearchBase = |
SizeLimit = {numerical value} |
Maximum number of strings received in response to the single database request. When parameter value is set to 0, maximum number of received strings is not limited. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: SizeLimit = 0 |
Dereference = {3 | 2 | 1 | 0} |
Permissions for LDAP aliases: •0 - never; •1 - when searching; •2 - when locating base object for search; •3 - always. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: Dereference = 0 |
ChaseReferrals = {numerical value} |
LDAP_OPT_REFERRALS setting. To set this parameter, LDAP protocol version 3 or later is required. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: ChaseReferrals = 0 |
SkipDomains = {LookupLite} |
List of domains for which request to database is not required. This parameter often helps improve performance and considerably reduce server load. Please note that the parameter value is LookupLite. The parameter value can also be locally overridden in a Lookup. |
|---|---|
Default value: SkipDomains = |
OnError = {ignore | exception} |
Sets mode of error handling (errors that occur when connecting to the specified data source). Allowed modes: •ignore – ignore the error and continue message processing (the error is only recorded in log); •exception – throw an exception which will be handled as an error of message processing. The handling method corresponds to the value of the ProcessingError parameter specified for the module that was processing the message when the error occurred. The parameter value can also be locally overridden in Lookup. |
|---|---|
Default value: OnError = ignore |
CheckPeriod = {time} |
Maximum idle time for LDAP connection to be closed. Check for LDAP inactive connections is performed using the same time period. |
|---|---|
Default value: CheckPeriod = 2m |
Dr.Web MailD uses OpenLDAP library for connection to LDAP (library version must be 2.0 and later).
If the specified LDAP-server is not available, Dr.Web MailD attempts to establish connection until the timeout occurs (specified in the Timeout parameter). When the time expires, an error is logged and processed in accordance with the OnError parameter value.