<?php
// Source: https://git.friendi.ca/friendica/friendica-addons/src/branch/develop/ldapauth

// Warning: Don't change this file! It only holds the default config values for this addon.
// Instead, copy this file to config/ldapauth.config.php in your Friendica directory and set the correct values there

return [
	'ldapauth' => [
		// ldap_server (String)
		// ldap hostname server - required
		// Example: ldap_server = host.example.com
		'ldap_server' => '{{ ldap.server.uri }}',

		// ldap_binddn (String)
		// admin dn - optional - only if ldap server dont have anonymous access
		// Example: ldap_binddn = cn=admin,dc=example,dc=com
		'ldap_binddn' => '{{ ldap.dn.administrator.data }}',

		// ldap_bindpw (String)
		// admin password - optional - only if ldap server dont have anonymous access
		'ldap_bindpw' => '{{ ldap.bind_credential }}',

		// ldap_searchdn (String)
		// dn to search users - required
		// Example: ldap_searchdn = ou=users,dc=example,dc=com
		'ldap_searchdn' => '{{ ldap.dn.ou.users }}',

		// ldap_userattr (String)
		// attribute to find username - required
		// Example: ldap_userattr = uid
		'ldap_userattr' => '{{ ldap.user.attributes.id }}',

		// ldap_group (String)
		// DN of the group whose member can auth on Friendica - optional
		'ldap_group' =>'',

		// ldap_autocreateaccount (Boolean)
		// To create Friendica account if user exists in ldap
		// Requires an email and a simple (beautiful) nickname on user ldap object
		// active account creation - optional - default true
		'ldap_autocreateaccount' => true,

		// ldap_autocreateaccount_emailattribute (String)
		// attribute to get email - optional - default : 'mail'
		'ldap_autocreateaccount_emailattribute' => '{{ ldap.user.attributes.mail }}',

		// ldap_autocreateaccount_nameattribute (String)
		// attribute to get nickname - optional - default : 'givenName'
		'ldap_autocreateaccount_nameattribute' => '{{ ldap.user.attributes.firstname }}',
	],
];