Provided by: splatd_1.2-0ubuntu2_all 
NAME
splat.conf - Scalable Periodic LDAP Attribute Transmogrifier configuration file
INTRODUCTION
The Splat configuration file is composed of three different section types:
• LDAP Configuration
• Service Helper Configuration
• Logging Configuration
The configuration uses an Apache-style syntax:
<LDAP>
# The LDAP Server configuration.
# URI of the server(s)
URI ldaps://ldap1.example.com
# The default search base for the server
BaseDN dc=example,dc=com
</LDAP>
LDAP CONFIGURATION
The LDAP section defines connection parameters for your LDAP server, and may appear once within a Splat
configuration file. If you make use of SSL/TLS, you will need to ensure that the appropriate settings are
enabled in your system ldap.conf (e.g. TLS_CACERT or TLS_CACERTDIR, if necessary).
LDAP Configuration Options
URI
URI of the LDAP server(s).
BaseDN
Default Search Base DN.
BindDN
LDAP Bind DN. If omitted, Slap will use an anonymous bind.
Password
LDAP Bind Password.
LOGGING CONFIGURATION
The Logging section configures logging for the Splat daemon. It is composed of any number of syslog or
logfile subsections and a global Level setting.
Level
Log Verbosity. One of: debug, info, warning, error, critical
Syslog Configuration Options
Facility
Syslog Facility.
Address
Address of syslog server, or pathname to syslog socket. This varies between hosts. FreeBSD´s syslog
socket is located at /var/run/log, while Linux systems often use /dev/log.
Logfile Configuration Options
Path
Path to log file, or reference to Python file object such as STDOUT.
SERVICE HELPER CONFIGURATION
The Service section configures Splat´s service helper modules. It is composed service-specific settings,
including any number of Option, and Group subsections. Group and Service names (such as UserSSH or
Administrators) must be unique within their scope, but are not interpreted by Splat in any other way.
Option subsections may be specified in both the Service section and the Group subsection. Options are
used to set and unset helper-specific settings. Module options are documented in the module-specific
documentation. Example:
<Option mingid>
# Do not write keys for users with a GID less than mingid
Value 1000
</Option>
# Unset the Command option
<Option command/>
Service Configuration Options
Helper
Python Helper Module. Example: splat.helpers.sshPublicKeys
Frequency
Frequency at which helper is invoked. Units may be specified in hours (h), minutes (m), or seconds
(s).
SearchBase
LDAP search base. If left unspecified, defaults to the BaseDN specified in the LDAP configuration
section.
SearchFilter
LDAP search filter. All records that match this filter (and, optionally, are members of a permitted
group) will be passed to the service helper module.
RequireGroup (yes/no)
Require that returned entries match one of the specified Groups.
Group Configuration Options
SearchBase
LDAP search base. If left unspecified, defaults to the BaseDN specified in the LDAP configuration
section.
SearchFilter
LDAP search filter. All records that match this filter will determine this groups membership. The
filter should return groupOfUniqueNames or groupOfNames objects. I suggest using RFC2307bis to
combine posixGroup and groupOfUniqueName.
MemberAttribute
LDAP attribute used to store member DNs. Defaults to uniqueMember.
EXAMPLES
An example configuration file splat.conf is included with the Splat source.
SEE ALSO
splatd(8) ldap.conf(5)
http://code.google.com/p/splatd.
AUTHORS
Nick Barkas <snb@threerings.net>
Author.
Landon Fuller <landonf@threerings.net>
Author.
COPYRIGHT
2006-05-14 SPLAT.CONF(5)