################## # General settings ################## # Unique identifier for this source :source: AD-server1 # Synchronization strategy # ************************************************************************* # # WARNING: Using 'sync_all' strategy will sync all the users found from LDAP # to Helix TeamHub and new users will receive a registration/welcome email. # # ************************************************************************* # 'sync_all' - Synchronize all users found from LDAP to Helix TeamHub. # 'keep_in_sync' - Keep only existing Helix TeamHub users up-to-date. :strategy: 'sync_all' # Be more verbose about what the syncer is doing :verbose: true ############## # API settings ############## # Company key to identify the company :company_key: 441801828582b285a2a9d743afcb62e7 # Account key to identify the account :account_key: 78ab25b65e5b8159a60542f01d2e91ff # API base url for Helix TeamHub :api_url: http://192.168.2.71 # Server certificate for HTTPS connections # :api_server_certificate: server.crt # Number of users to sync to Helix TeamHub per request :hth_batch_size: 50 ############################ # LDAP synchronizer settings ############################ # The host and port where the LDAP is running :host: "10.1.3.55" :port: 389 # Encryption method for LDAP connection. Possible options: # :plain - No encryption, usually used together with port 389 # :start_tls - StartTLS, usually used together with port 389 # :simple_tls - LDAPS, usually used together with port 636 :auth_method: :plain # Authentication credentials for the LDAP. # Only read access is needed. :auth_username: "CN=Jen,OU=UK-Users,OU=UK,OU=Techsupport,DC=TSAD-UK,DC=local" :auth_password: "P@ssword" # The path where to find users from LDAP. :base: "DC=TSAD-UK,DC=local" # Additional query filters for fetching users from LDAP # :query_filters: '(memberof=cn=Helix,cn=Users,dc=example,dc=com)' # Additional query filters for identifying groups from LDAP :group_query_filters: '(member=*)' # If your directory does not provide group member information through # user entries, set the following option to true and specify a value # for group_base config and revise the value of ldap_groups attribute. :request_user_groups: false # The base DN for finding groups. :group_base: 'ou=Groups,dc=example,dc=com' # List of usernames to ignore. :ignore_users: [support, krbtgt] # LDAP attribute mappings for the user attributes. # Helix TeamHub attribute => LDAP attribute :ldap_required_attributes: :short_name: 'samaccountname' :first_name: 'givenname' :last_name: 'sn' :email: 'mail' # Optional user attributes that are synchronized if they have content # Helix TeamHub attribute => LDAP attribute :ldap_optional_attributes: :password: 'userpassword' :description: 'description' :ldap_groups: 'memberof' # Attribute to interpret if the user is enabled or disabled. # The type can be be 'normal' or 'bitmask': # normal: user is disabled if the attribute includes the value # bitmask: user is disabled if the attribute has the value bit set :disabled_status: :type: 'bitmask' :attribute: 'useraccountcontrol' :value: 2 # LDAP attribute mappings for the group attributes. # Helix TeamHub attribute => LDAP attribute # # LDAP groups can be mapped to Helix TeamHub groups by using either # distinguished name (dn) or common name (cn) of the group # as a value for the source attribute. :ldap_group_attributes: :id: 'cn' :name: 'cn' :source: 'dn' :description: 'description' # Number of users to read from LDAP per query :ldap_batch_size: 50