# Endpoint Manager Service Active Directory Settings.
# Author Paul Woods
# Copyright (C)  Geolang Ltd 2021
# File must follow a format that is recognised by the class java.util.Properties.


# Settings for AD authentication
# By default user login details are held in the database, to also allow AD logins, fill in the required sections of this file and restart the manager.

#  Allowed Settings:
#  
#   URL1     ( url must begin ldap:// or ldaps:// )
#   DOMAIN1     ( required, domain associated with URL1 e.g. mydomain.local)
#   URL2   ( if the user cannot be found in the primary we fallback to the secondary )
#   DOMAIN2     ( required if URL2 is defined, domain associated with URL2 )
#
#   ALLOW_SELF_SIGNED  ( if using ldaps, allow self signed certificates )
#   USER_DN_PATTERN ( default is (&(objectClass=user)(sAMAccountName={0})) )
#   GROUP_ATTRIBUTE ( default is memberOf )
#
#   AUDIT_GROUPS    ( comma separated list of group names )
#   ADMIN_GROUPS
#   BASIC_GROUPS
#
#   CREATE_LOCAL_USERS_DISABLED ( set to true to disallow creation of local logins other than Administrator, default is false )

#  Required Settings:
#  URL1, DOMAIN1, and at least one of the *_GROUPS must be set


#Example ( uncomment and fill in details )

#DOMAIN1=somedomain.local
#URL1=ldap://10.10.2.12
#ADMIN_GROUPS=admin,otheradmins
#BASIC_GROUPS=users
#ALLOW_SELF_SIGNED=true