LDAPGroups [ "group-base-dn"
] [ "group-name-filter-template"
] [ "gid-number-filter-template"
] [ "member-user-filter-template"
]
Default
disabled
Context
server config, <VirtualHost>, <Global>
Module
mod_ldap
Compatibility
mod_ldap v2.9.0 and later
Activates LDAP group membership lookups and GID to name mappings in directory listings.
The first argument is the LDAP base DN to use for group lookups. The second through fourth arguments are search filter templates; %u will be replaced with the group name, GID number, or group member username that is being looked up, respectively.
The default search filter templates are:
group-name-filter-template: "(cn=%u)(objectclass=posixGroup))", gid-number-filter-template: "(gidNumber=%u)(objectclass=posixGroup))", member-user-filter-template: "(memberUid=%u)(objectclass=posixGroup))".
The attribute names used in the default search filters are taken from the LDAPAttr directive, so if you re-map an attribute, the default search filter reflects that re-mapping.