blob: a886bb5fc3eabadf4b31e9a73a64453b5ebe0868 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
if PACKAGE_libopenldap
config OPENLDAP_DEBUG
bool "Enable debugging information"
default y
help
Enable debugging information. This option must be enabled
for the loglevel directive to work.
config OPENLDAP_CRYPT
bool "Crypt(3) passwords support"
default n
help
With crypt(3) password storage scheme enabled, OpenLDAP can
receive and store SHA-256 and SHA-512 password hashes from
Samba AD-DC. If this option is disabled, synchronization of
passwords between Samba AD-DC (v4.5 and above) and OpenLDAP
requires use of cleartext passwords.
To enable crypt(3) password synchronization functionality:
1. Re-include crypt(3) support in OpenWRT by enabling 'Include
crypt() support for SHA256, SHA512 and Blowfish ciphers' option
in "Advanced configuration options (for developers)" ->
"Toolchain Options".
2. Provision AD-DC with 'password hash userPassword schemes'
option. For more information, see smb.conf manpage for details
on 'password hash userPassword schemes'.
3. Use a script to synchronize passwords from AD-DC to
OpenLDAP. See samba-tool manpage for 'user syncpasswords'.
config OPENLDAP_MONITOR
bool "Enable monitor backend"
default n
help
Enable monitor backend to obtain information about the running
status of the daemon. See OpenLDAP documentation for more
information.
config OPENLDAP_DB47
bool "Berkeley DB support"
default n
help
Enable Berkeley DB support (BDB).
config OPENLDAP_ICU
bool "ICU support"
default n
help
Enable ICU (International Components for Unicode) support.
endif
|