## Enable LDAP. Change this to true to use LDAP.
ldap=false

## Cron expression to force a refresh of LDAP users.  Default is daily at 02:00 (0 0 2 * * ? *)
#ldap.refresh.cron=0 0 * * * ? *

## Allow the "Administrator" user to login when the LDAP server is unreachable. If this property
## is enabled the Administrator user should have a secure password. To update the password for
## the Administrator user LDAP needs to be disabled then enabled again once the change is made.
#ldap.failover.administrator.enabled=false

## Enter these details for each LDAP server you intend to use. These will be accessed in numerical
## order, so for example server 1 will be tried before server 2.
## LDAP host. This is a required field for each server.
## LDAP port. Defaults to 389 for non-SSL or 636 for SSL.
## Enable SSL. Default is false.
## Path and name of SSL certificate file(s). Defaults to RHAP_INSTALL_DIR/rhapsody/data/users/ldap.cer
## Auto-fetch: download the SSL certificate from LDAP server. Default is false.

## Example full configuration.
#server.1.host=
#server.1.port=
#server.1.ssl=true
#server.1.ssl.cert.file.1=ldap.cer
#server.1.ssl.cert.file.2=ldap1.cer
#server.1.ssl.cert.file.3=ldap2.cer
#server.1.ssl.cert.autofetch=false

## Example minimum configuration.
#server.2.host=

## Example SSL configuration.
#server.3.host=
#server.3.port=636
#server.3.ssl=true
#server.3.ssl.cert.file.1=ldap.cer

## ... add more LDAP servers here following the same pattern.


## Path and password of keystore file. Defaults to RHAP_INSTALL_DIR/rhapsody/data/users/ldap.ks
#ssl.keystore.file=ldap.ks
#ssl.keystore.password=

## Accept expired certificates. Allows expired certificates to accepted when using SSL. Default is false.
#accept.expired.certs=false

## LDAP login details used to query LDAP.
login=
password=

## The DN ending for LDAP users and LDAP groups.
userBase=
groupBase=

## MS Active Directory attribute names used to identify users, groups and associated attributes.
userClass=user
groupClass=group
usernameAttribute=sAMAccountName
memberOfAttribute=memberOf
groupMembersAttribute=member
fullNameAttribute=cn
emailAttribute=mail

## OpenLDAP attribute names used to identify users, groups and associated attributes.
#userClass=inetOrgPerson
#groupClass=groupofnames
#usernameAttribute=uid
#memberOfAttribute=
#groupMembersAttribute=member
#fullNameAttribute=cn
#emailAttribute=mail

## Map LDAP users DN to a Rhapsody access group. Default Rhapsody groups are Administrator, Developer and Monitoring.
user.1.dn=CN=
user.1.accessGroup.1=
#user.2.dn=CN=
#user.2.accessGroup.1=
#user.2.accessGroup.2=
## ... add more users here following the same pattern.

## Map LDAP group DN to a Rhapsody access group. Default Rhapsody groups are Administrator, Developer and Monitoring.
group.1.dn=CN=
group.1.accessGroup.1=
#group.2.dn=CN=
#group.2.accessGroup.1=
#group.2.accessGroup.2=
## ... add more groups here following the same pattern.