Provided by: splatd_1.2-0ubuntu2_all bug

NAME

       splat.conf - Scalable Periodic LDAP Attribute Transmogrifier
       configuration file

INTRODUCTION

       The Splat configuration file is composed of three different section
       types:

       o   LDAP Configuration

       o   Service Helper Configuration

       o   Logging Configuration

       The configuration uses an Apache-style syntax:

           <LDAP>
               # The LDAP Server configuration.
               # URI of the server(s)
               URI         ldaps://ldap1.example.com
               # The default search base for the server
               BaseDN      dc=example,dc=com
           </LDAP>

LDAP CONFIGURATION

       The LDAP section defines connection parameters for your LDAP server,
       and may appear once within a Splat configuration file. If you make use
       of SSL/TLS, you will need to ensure that the appropriate settings are
       enabled in your system ldap.conf (e.g.  TLS_CACERT or TLS_CACERTDIR, if
       necessary).

   LDAP Configuration Options
       URI
           URI of the LDAP server(s).

       BaseDN
           Default Search Base DN.

       BindDN
           LDAP Bind DN. If omitted, Slap will use an anonymous bind.

       Password
           LDAP Bind Password.

LOGGING CONFIGURATION

       The Logging section configures logging for the Splat daemon. It is
       composed of any number of syslog or logfile subsections and a global
       Level setting.

       Level
           Log Verbosity. One of: debug, info, warning, error, critical

   Syslog Configuration Options
       Facility
           Syslog Facility.

       Address
           Address of syslog server, or pathname to syslog socket. This varies
           between hosts. FreeBSD's syslog socket is located at /var/run/log,
           while Linux systems often use /dev/log.

   Logfile Configuration Options
       Path
           Path to log file, or reference to Python file object such as
           STDOUT.

SERVICE HELPER CONFIGURATION

       The Service section configures Splat's service helper modules. It is
       composed service-specific settings, including any number of Option, and
       Group subsections. Group and Service names (such as UserSSH or
       Administrators) must be unique within their scope, but are not
       interpreted by Splat in any other way.

       Option subsections may be specified in both the Service section and the
       Group subsection. Options are used to set and unset helper-specific
       settings. Module options are documented in the module-specific
       documentation. Example:

           <Option mingid>
             # Do not write keys for users with a GID less than mingid
             Value 1000
           </Option>

           # Unset the Command option
           <Option command/>

   Service Configuration Options
       Helper
           Python Helper Module. Example: splat.helpers.sshPublicKeys

       Frequency
           Frequency at which helper is invoked. Units may be specified in
           hours (h), minutes (m), or seconds (s).

       SearchBase
           LDAP search base. If left unspecified, defaults to the BaseDN
           specified in the LDAP configuration section.

       SearchFilter
           LDAP search filter. All records that match this filter (and,
           optionally, are members of a permitted group) will be passed to the
           service helper module.

       RequireGroup (yes/no)
           Require that returned entries match one of the specified Groups.

   Group Configuration Options
       SearchBase
           LDAP search base. If left unspecified, defaults to the BaseDN
           specified in the LDAP configuration section.

       SearchFilter
           LDAP search filter. All records that match this filter will
           determine this groups membership. The filter should return
           groupOfUniqueNames or groupOfNames objects. I suggest using
           RFC2307bis to combine posixGroup and groupOfUniqueName.

       MemberAttribute
           LDAP attribute used to store member DNs. Defaults to uniqueMember.

EXAMPLES

       An example configuration file splat.conf is included with the Splat
       source.

SEE ALSO

       splatd(8) ldap.conf(5)

       http://code.google.com/p/splatd.

AUTHORS

       Nick Barkas <snb@threerings.net>
           Author.

       Landon Fuller <landonf@threerings.net>
           Author.

COPYRIGHT

                                  2006-05-14                     SPLAT.CONF(5)