source: trunk/LATMOS-Accounts/man/man5/latmos-accounts.ini.pod @ 2380

# $Id: latmos-accounts.ini.5.pod 3186 2010-09-01 08:10:38Z nanardon $

=head1 NAME

latmos-accounts.ini - Main configuration file for latmos-account.

=head1 DEFAULT LOCATION

F</etc/latmos-accounts/latmos-accounts.ini>

=head1 DESCRIPTION

This config is an C<ini> like file split into section. Each section describe a
base except sections describe bellow.

=head1 [_default_] SECTION

This section contains global configuration variables

=head2 VARIABLES

=head3 base

The top level base to use by default to modify informations. The base must
exists as a section in the configuration

=head3 sync

The default synchronisation to run. The synchronisation must exists as a section
in configuration.

=head3 state_dir

The directory where data files will be stored

=head3 smtp

The SMTP server to use to send mails

=head3 mailFrom

The identity to use in FROM field when sending mail

=head3 expire_summary_to

When set, this email address will receive a summary about account expiring soon

=head3 mailSubject

This parameter is dedicate to set the company or institute name. It is used to
build the subject of mail send by application.

=head3 crypt_method

Specify the C<crypt()> algorythm to use to encrypt password when the work is
done on application side. Can be DES, MD5, SHA-256 or SHA-512, default to MD5.

Can be specified per base.

=head3 cracklib_dictionnary

The path to a specific dictionnary formated for cracklib library

=head2 [_defattr_] SECTION

Contains value assigned at object creation if the value is not specified.
Each variable is in form C<object.attributes>.

Some value can be specify for more complex auto completion:

=head3 user.homebase

This value is used a base directory for UNIX user home. The login is append to
end of the value (preceded by a C</>).

=head3 user.maildomain

If exists set the mail attribute in form C<sn.givenName@maildomain>.

=head2 [_network_]

This section is used by buildnet tools, to generate network config file (DNS
zone and dhcp).

=head3 template_dir

The directory containing template files

=head3 output_dir

The directory containing results files

=head3 pre

A command to execute before processing all zones

=head3 post

A command to run after procession all zones

=head2 post_zone

A command which will be run after each zone build

=head2 maillog

If set, must contains an email address where error will be sent in batch mode.

=head2 checkzone

If set generated DNS zones will be first written in a temporary files and
checked by C<checkzone> utility.

If the test fail the zone is not generated and temporary file not removed for
analysis.

=head2 named-checkzone

The binary location of named-checkzone, default is C</usr/sbin/named-checkzone>.

=head2 BASES SECTIONS

TODO

=head2 SYNCHRO SECTIONS

Each synchronisation definition is identified by a section, the section name is
prefixed by C<sync:>.

=head3 from

The base to use as source

=head3 to

The bases to synchronize, multiples bases can be specified

=head3 pre

A script to run before processing, if it failed, the synchronisation is not
performed

=head3 post

A script to run after processing, if it failed, the synchronisation is not
recorded as done.

=head3 unexported

When set, unexported object are synchronised, usefull for base supporting this
feature (SQL only at time)

=head3 noDelete

Setting this parameter will make the syncronisation not deleting object in
destination bases.

Setting the C<noDelete.BASE> where C<BASE> is the name of an synchronized base
will make this synchronisation not deleting any object into this base,

Setting the C<noDelete.BASE.OTYPE> will make the synchronisation not deleting
object type C<OTYPE> no delete into the base named C<BASE>.

Example:

    noDelete.MyLdap.user = yes

=head3 filtering object propagation

It is possible to filter the objects you want to propagate into peer base.

The filter to apply must be set into the parameter named
C<filter.BASENAME.OTYPE>, where C<BASENAME> is the name of the destination
base and C<OTYPE> the object type to filter.

For example to push into C<ldap> base only user being into group C<unix>:

  filter.ldap.user = memberOf=unix


=head3 Deleting filtered object

By default filtered object will not be deleted to the destination base, neither
touched.

Setting option in form C<deletefiltered.BASENAME.OTYPE> to true will allow
deletion. This option has effects only if filtering objects is enabled.

=head1 SEE ALSO

la-allowed-values.ini(5),
la-sync-list.ini(5) 

=head1 AUTHOR

Olivier Thauvin <olivier.thauvin@latmos.ipsl.fr>

=head1 COPYRIGHT

(c) LATMOS - IPSL - CNRS