A phpldapadmin 1.2.x config.php that works

So phpldpadmin has never been documented very well. In fact the wiki’s description of the core config.php file is woefully out of date and worse than useless. Sadly, the mailing lists are not very active and don’t receive many visits from the developers either. To make things worse, the config.php.example file included with the 1.2.x distributions will not work without editing. Unfortunately there is no up to date “M” to recommend people to “RTF”. Some pointers to follow.

Although the developers recommend going to the latest version, overall I’m pretty unhappy with the changes that were made to the UI defaults since 1.1.0.7 (e.g. the elimination of the “Simple” query form, and the new requirement that users select a template to view entries). As a result I would caution anyone planning an upgrade to 1.2.x to try learning how the app works and do some meaningful testing before rolling it out. I am still actively working to determine what customizations will be needed to restore the defaults my folks are used to, and coming up short so far (so much so that I’m also looking around for a replacement web-enabled LDAP browser like the experimental java Directory Editor that Sun bundled with JSDS 6.3 — I’m even considering the current DSEE web console as an option).

In fact there are two lines in that example configuration that, if left uncommented, will cause the application to abend. The offending lines you need to comment out in each LDAP server definition are:

$servers->setValue('login','class',null);
$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));

Following is a complete, working, example config.php. This configuration has been tested successfully with version 1.2.1.1 (the latest as of this posting).

<?php
/**NOTE**
**Makesurethat<?phpistheFIRSTlineofthisfile!
**IE:ThereshouldNOTbeanyblanklinesorspacesBEFOREcustomvariabletodoso.
*Forexample,thedefaultfordefiningthelanguageinconfig_default.php
*
*$this->default->appearance['language']=array(
*'desc'=>'Language',
*'default'=>'auto');
*
*tooverridethis,use$config->custom->appearance['language']='en_EN';
*
*ThisfileisalsousedtoconfigureyourLDAPserverconnections.
*
*YoumustspecifyatleastoneLDAPserverthere.Youmayadd
*asmanyasyoulike.Youcanalsospecifyyourlanguage,and
*manyotheroptions.
*
*NOTE:Commentedoutvaluesinthisfileprefixedby//,representthe
*defaultsthathavebeendefinedinconfig_default.php.
*Commentedoutvaluesprefixedby#,dontreflecttheirdefaultvalue,youcan
*checkconfig_default.phpifyouwanttoseewhatthedefaultis.
*
*DONTchangeconfig_default.php,youchangeswillbelostbythenextrelease
*ofPLA.Insteadchangethisfile-asitwillNOTbereplacedbyanew
*versionofphpLDAPadmin.
*/
	
/*********************************************
*Usefulimportantconfigurationoverrides*
*********************************************/
	
/*IfyouareaskedtoputPLAindebugmode,thisishowyoudoit:*/
#$config->custom->debug['level']=255;
#$config->custom->debug['syslog']=true;
#$config->custom->debug['file']='/tmp/pla_debug.log';
	
/*phpLDAPadmincanencryptthecontentofsensitivecookiesifyousetthis
toabigrandomstring.*/
//$config->custom->session['blowfish']=null;
	
/*Ifyourauth_typeishttp,youcanoverrideyourHTTPAuthenticationRealm.*/
//$config->custom->session['http_realm']=sprintf('%s%s',app_name(),'login');
	
/*Thelanguagesetting.Ifyousetthisto'auto',phpLDAPadminwillattempt
todetermineyourlanguageautomatically.Otherwise,availablelanaguages
are:'ct','de','en','es','fr','it','nl',and'ru'
Localizationisnotcompleteyet,butmoststringshavebeentranslated.
Pleasehelpbywritinglanguagefiles.Seelang/en.phpforanexample.*/
//$config->custom->appearance['language']='auto';
	
/*ThetemporarystoragedirectorywherewewillputjpegPhotodata
Thisdirectorymustbereadableandwritablebyyourwebserver.*/
//$config->custom->jpeg['tmpdir']='/tmp';//ExampleforUnixsystems
#$config->custom->jpeg['tmpdir']='c:\temp';//ExampleforWindowssystems
	
/*Setthisto(bool)trueifyoudoNOTwantarandomsaltusedwhen
callingcrypt().Instead,usethefirsttwolettersoftheuser's
password.Thisisinsecurebutunfortunatelyneededforsomeolder
environments.*/
#$config->custom->password['no_random_crypt_salt']=true;
	
/*PHPscripttimeoutcontrol.Ifphprunslongerthanthismanysecondsthen
PHPwillstopwithanMaximumExecutiontimeerror.Increasethisvaluefrom
thedefaultifqueriestoyourLDAPserverareslow.Thedefaultiseither
30secondsorthesettingofmax_exection_timeifthisisnull.*/
//$config->custom->session['timelimit']=30;
	
/*Ourlocaltimezone
Thisistomakesurethatwhenweaskthesystemforthecurrenttime,we
gettherightlocaltime.Ifthisisnotset,alltime()calculationswill
assumeUTCifyouhavenotsetPHPdate.timezone.*/
//$config->custom->appearance['timezone']=null;
#$config->custom->appearance['timezone']='Australia/Melbourne';
	
/*********************************************
*Commands*
*********************************************/
	
/*Commandavailability;ifyoudon'tauthorizeacommandthecommand
linkswillnotbeshownandthecommandactionwillnotbepermitted.
Forbettersecurity,setalsoACLinyourldapdirectory.*/
/*
$config->custom->commands['cmd']=array(
	'entry_internal_attributes_show'=>true,
	'entry_refresh'=>true,
	'oslinks'=>true,
	'switch_template'=>true
);
	
$config->custom->commands['script']=array(
	'add_attr_form'=>true,
	'add_oclass_form'=>true,
	'add_value_form'=>true,
	'collapse'=>true,
	'compare'=>true,
	'compare_form'=>true,
	'copy'=>true,
	'copy_form'=>true,
	'create'=>true,
	'create_confirm'=>true,
	'delete'=>true,
	'delete_attr'=>true,
	'delete_form'=>true,
	'draw_tree_node'=>true,
	'expand'=>true,
	'export'=>true,
	'export_form'=>true,
	'import'=>true,
	'import_form'=>true,
	'login'=>true,
	'logout'=>true,
	'login_form'=>true,
	'mass_delete'=>true,
	'mass_edit'=>true,
	'mass_update'=>true,
	'modify_member_form'=>true,
	'monitor'=>true,
	'purge_cache'=>true,
	'query_engine'=>true,
	'rename'=>true,
	'rename_form'=>true,
	'rdelete'=>true,
	'refresh'=>true,
	'schema'=>true,
	'server_info'=>true,
	'show_cache'=>true,
	'template_engine'=>true,
	'update_confirm'=>true,
	'update'=>true
);
*/
	
/*********************************************
*Appearance*
*********************************************/
	
/*Ifyouwanttochoosetheappearanceofthetree,specifyaclassnamewhich
inheritsfromtheTreeclass.*/
//$config->custom->appearance['tree']='AJAXTree';
#$config->custom->appearance['tree']='HTMLTree';
	
/*Justshowyourcustomtemplates.*/
//$config->custom->appearance['custom_templates_only']=false;
	
/*Disablethedefaulttemplate.*/
//$config->custom->appearance['disable_default_template']=false;
	
/*HidethewarningsforinvalidobjectClasses/attributesintemplates.*/
//$config->custom->appearance['hide_template_warning']=false;
	
/*Configurewhatobjectsareshowninlefthandtree*/
//$config->custom->appearance['tree_filter']='(objectclass=*)';
	
/*Theheightandwidthofthetree.Ifthesevaluesarenotset,then
notreescrollbarsareprovided.*/
//$config->custom->appearance['tree_height']=null;
#$config->custom->appearance['tree_height']=600;
//$config->custom->appearance['tree_width']=null;
#$config->custom->appearance['tree_width']=250;
	
/*Confirmcreateandupdateoperations,allowingyoutoreviewthechanges
andoptionallyskipattributesduringthecreate/updateoperation.*/
//$config->custom->confirm['create']=true;
//$config->custom->confirm['update']=true;
	
/*Confirmcopyoperations,andtreatthemlikecreateoperations.Thisallows
youtoedittheattributes(thuschanginganythatmightconflictwith
uniqueness)beforecreatingthenewentry.*/
//$config->custom->confirm['copy']=true;
	
/*********************************************
*User-friendlyattributetranslation*
*********************************************/
	
/*Usethisarraytomapattributenamestouserfriendlynames.Forexample,if
youdon'twanttosee"facsimileTelephoneNumber"butrather"Fax".*/
//$config->custom->appearance['friendly_attrs']=array();
$config->custom->appearance['friendly_attrs']=array(
	'facsimileTelephoneNumber'=>'Fax',
	'gid'=>'Group',
	'mail'=>'Email',
	'telephoneNumber'=>'Telephone',
	'uid'=>'UserName',
	'userPassword'=>'Password'
);
	
/*********************************************
*Hiddenattributes*
*********************************************/
	
/*Youmaywanttohidecertainattributesfrombeingedited.Ifyouwantto
hideattributesfromtheuser,youshoulduseyourLDAPserversACLs.
NOTE:Theusermustbeabletoreadthehide_attrs_exemptentrytobe
excluded.*/
//$config->custom->appearance['hide_attrs']=array();
#$config->custom->appearance['hide_attrs']=array('objectClass');
	
/*Membersofthislistwillbeexemptfromthehiddenattributes.*/
//$config->custom->appearance['hide_attrs_exempt']=null;
#$config->custom->appearance['hide_attrs_exempt']='cn=PLAUnHide,ou=Groups,c=AU';
	
/*********************************************
*Read-onlyattributes*
*********************************************/
	
/*YoumaywanttophpLDAPadmintodisplaycertainattributesasreadonly,
meaningthatuserswillnotbepresentedaformformodifyingthose
attributes,andtheywillnotbeallowedtobemodifiedonthe"back-end"
either.Youmayconfigurethislisthere:
NOTE:Theusermustbeabletoreadthereadonly_attrs_exemptentrytobe
excluded.*/
//$config->custom->appearance['readonly_attrs']=array();
	
/*Membersofthislistwillbeexemptfromthereadonlyattributes.*/
//$config->custom->appearance['readonly_attrs_exempt']=null;
#$config->custom->appearance['readonly_attrs_exempt']='cn=PLAReadWrite,ou=Groups,c=AU';
	
/*********************************************
*Groupattributes*
*********************************************/
	
/*Add"modifygroupmembers"linktotheattribute.*/
//$config->custom->modify_member['groupattr']=array('member','uniqueMember','memberUid');
	
/*Configurefilterformembersearch.Thisonlyappliesto"modifygroupmembers"feature*/
//$config->custom->modify_member['filter']='(objectclass=Person)';
	
/*Attributethatisaddedtothegroupmemberattribute.*/
//$config->custom->modify_member['attr']='dn';
	
/*ForPosixattributes*/
//$config->custom->modify_member['posixattr']='uid';
//$config->custom->modify_member['posixfilter']='(uid=*)';
//$config->custom->modify_member['posixgroupattr']='memberUid';
	
/*********************************************
*Supportforattrsdisplayorder*
*********************************************/
	
/*Usethisarrayifyouwanttohaveyourattributesdisplayedinaspecific
order.Youcanusedefaultattributenamesortheirfridenlynames.
Forexample,"sn"willbedisplayedrightafter"givenName".Alltheother
attributesthatarenotspecifiedinthisarraywillbedisplayedafterin
alphabeticalorder.*/
//$config->custom->appearance['attr_display_order']=array();
#$config->custom->appearance['attr_display_order']=array(
#'givenName',
#'sn',
#'cn',
#'displayName',
#'uid',
#'uidNumber',
#'gidNumber',
#'homeDirectory',
#'mail',
#'userPassword'
#);
	
/*********************************************
*DefineyourLDAPserversinthissection*
*********************************************/
	
$servers=newDatastore();
	
/*$servers->NewServer('ldap_pla')mustbecalledbeforeeachnewLDAPserver
declaration.*/
$servers->newServer('ldap_pla');
	
/*Aconvenientnamethatwillappearinthetreeviewerandthroughout
phpLDAPadmintoidentifythisLDAPservertousers.*/
$servers->setValue('server','name','MyLDAPServer');
	
/*Examples:
'ldap.example.com',
'ldaps://ldap.example.com/',
'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
(Unixsocketat/usr/local/var/run/ldap)*/
//$servers->setValue('server','host','127.0.0.1');
	
/*TheportyourLDAPserverlistenson(noquotes).389isstandard.*/
//$servers->setValue('server','port',389);
	
/*ArrayofbaseDNsofyourLDAPserver.LeavethisblanktohavephpLDAPadmin
auto-detectitforyou.*/
//$servers->setValue('server','base',array(''));
	
/*Fouroptionsforauth_type:
1.'cookie':youwillloginviaawebform,andaclient-sidecookiewill
storeyourlogindnandpassword.
2.'session':sameascookiebutyourlogindnandpasswordarestoredonthe
webserverinapersistentsessionvariable.
3.'http':sameassessionbutyourlogindnandpasswordareretrievedvia
HTTPauthentication.
4.'config':specifyyourlogindnandpasswordhereinthisconfigfile.No
loginwillberequiredtousephpLDAPadminforthisserver.
	
Choosewiselytoprotectyourauthenticationinformationappropriatelyfor
yoursituation.Ifyouchoose'cookie',yourcookiecontentswillbe
encryptedusingblowfishandthesecretyourspecifyaboveas
session['blowfish'].*/
//$servers->setValue('login','auth_type','session');
	
/*TheDNoftheuserforphpLDAPadmintobindwith.Foranonymousbindsor
'cookie'or'session'auth_types,LEAVETHELOGIN_DNANDLOGIN_PASSBLANK.If
youspecifyalogin_attrinconjunctionwithacookieorsessionauth_type,
thenyoucanalsospecifythebind_id/bind_passhereforsearchingthe
directoryforusers(ie,ifyourLDAPserverdoesnotallowanonymousbinds.*/
//$servers->setValue('login','bind_id','');
#$servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
	
/*YourLDAPpassword.Ifyouspecifiedanemptybind_idabove,thisMUSTalso
beblank.*/
//$servers->setValue('login','bind_pass','');
#$servers->setValue('login','bind_pass','secret');
	
/*UseTLS(TransportLayerSecurity)toconnecttotheLDAPserver.*/
//$servers->setValue('server','tls',false);
	
/************************************
*SASLAuthentication*
************************************/
	
/*EnableSASLauthenticationLDAPSASLauthenticationrequiresPHP5.x
configuredwith--with-ldap-sasl=DIR.Ifthisoptionisdisabled(ie,setto
false),thenallothersasloptionsareignored.*/
//$servers->setValue('server','sasl_auth',false);
	
/*SASLauthmechanism*/
//$servers->setValue('server','sasl_mech','PLAIN');
	
/*SASLauthenticationrealmname*/
//$servers->setValue('server','sasl_realm','');
#$servers->setValue('server','sasl_realm','example.com');
	
/*SASLauthorizationIDname
Ifthisoptionisundefined,authorizationidwillbecomputedfrombindDN,
usingsasl_authz_id_regexandsasl_authz_id_replacement.*/
//$servers->setValue('server','sasl_authz_id',null);
	
/*SASLauthorizationidregexandreplacement
Whensasl_authz_idpropertyisnotset(default),phpLDAPAdminwilltryto
figureoutauthorizationidbyitselffrombinddistinguishedname(DN).
	
Thisprocedureisdonebycallingpreg_replace()phpfunctioninthe
followingway:
	
$authz_id=preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
$bind_dn);
	
Forinfoaboutpcreregexes,see:
-pcre(3),perlre(3)
-http://www.php.net/preg_replace*/
//$servers->setValue('server','sasl_authz_id_regex',null);
//$servers->setValue('server','sasl_authz_id_replacement',null);
#$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
#$servers->setValue('server','sasl_authz_id_replacement','$1');
	
/*SASLauthsecurityprops.
Seehttp://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5forexplanation.*/
//$servers->setValue('server','sasl_props',null);
	
/*Defaultpasswordhashingalgorithm.Oneofmd5,ssha,sha,md5crpyt,smd5,
blowfish,cryptorleaveblankfornowdefaultalgorithm.*/
//$servers->setValue('appearance','password_hash','md5');
	
/*Ifyouspecified'cookie'or'session'astheauth_typeabove,youcan
optionallyspecifyhereanattributetousewhenloggingin.Ifyouenter
'uid'andloginas'dsmith',phpLDAPadminwillsearchfor(uid=dsmith)
andloginasthatuser.
Leaveblankorspecify'dn'tousefullDNforloggingin.Notealsothatif
yourLDAPserverrequiresyoutologintoperformsearches,youcanenterthe
DNtousewhensearchingin'bind_id'and'bind_pass'above.*/
//$servers->setValue('login','attr','dn');
	
/*BaseDNstousedforlogins.Ifthisvalueisnotset,thentheLDAPserver
BaseDNsareused.*/
//$servers->setValue('login','base',array());
	
/*If'login,attr'isusedabovesuchthatphpLDAPadminwillsearchforyourDN
atlogin,youmayrestrictthesearchtoaspecificobjectClasses.EG,setthis
toarray('posixAccount')orarray('inetOrgPerson',..),dependinguponyour
setup.*/
//$servers->setValue('login','class',array());
	
/*Ifyouspecifiedsomethingdifferentfrom'dn',forexample'uid',asthe
login_attrabove,youcanoptionallyspecifyheretofallbackto
authenticationwithdn.
Thisisuseful,whenusersshouldbeabletologinwiththeiruid,but
theldapadministratorwantstologinwithhisroot-dn,thatdoesnot
necessarilyhavetheuidattribute.
Whenusingthisfeature,login_classisignored.*/
//$servers->setValue('login','fallback_dn',false);
	
/*SpecifytrueIfyouwantphpLDAPadmintonotdisplayorpermitany
modificationtotheLDAPserver.*/
//$servers->setValue('server','read_only',false);
	
/*SpecifyfalseifyoudonotwantphpLDAPadmintodrawthe'Createnew'links
inthetreeviewer.*/
//$servers->setValue('appearance','show_create',true);
	
/*ThisfeatureallowsphpLDAPadmintoautomaticallydeterminethenext
availableuidNumberforanewentry.*/
//$servers->setValue('auto_number','enable',true);
	
/*ThemechanismtousewhenfindingthenextavailableuidNumber.Twopossible
values:'uidpool'or'search'.
The'uidpool'mechanismusesanexistinguidPoolentryinyourLDAPserverto
blindlylookupthenextavailableuidNumber.The'search'mechanismsearches
forentrieswithauidNumbervalueandfindsthefirstavailableuidNumber
(slower).*/
//$servers->setValue('auto_number','mechanism','search');
	
/*TheDNofthesearchbasewhenthe'search'mechanismisusedabove.*/
#$servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
	
/*Theminimumnumbertousewhensearchingforthenextavailablenumber
(onlywhen'search'isusedforauto_number.*/
//$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
	
/*Ifyousetthis,thenphpldapadminwillbindtoLDAPwiththisuserIDwhen
searchingfortheuidnumber.Theideais,thisuseridwouldhavefull
(readonly)accesstouidnumberinyourldapdirectory(theloggedinuser
maynot),sothatyoucanbeguaranteedtogetauniqueuidnumberforyour
directory.*/
//$servers->setValue('auto_number','dn',null);
	
/*Thepasswordforthednabove.*/
//$servers->setValue('auto_number','pass',null);
	
/*Enableanonymousbindlogin.*/
//$servers->setValue('login','anon_bind',true);
	
/*Usecustomizedpagewithprefixwhenavailable.*/
#$servers->setValue('custom','pages_prefix','custom_');
	
/*Ifyousetthis,thenonlytheseDNsareallowedtologin.Thisarraycan
containindividualusers,groupsorldapsearchfilter(s).Keepinmindthat
theuserhasnotauthenticatedyet,sothiswillbeananonymoussearchto
theLDAPserver,somakeyourACLsallowthesesearchestoreturnresults!*/
#$servers->setValue('login','allowed_dns',array(
#'uid=stran,ou=People,dc=example,dc=com',
#'(&(gidNumber=811)(objectClass=groupOfNames))',
#'(|(uidNumber=200)(uidNumber=201))',
#'cn=callcenter,ou=Group,dc=example,dc=com'));
	
/*SetthisifyoudontwantthisLDAPservertoshowinthetree*/
//$servers->setValue('server','visible',true);
	
/*Thisisthetimeoutvalueinminutesfortheserver.Afterasmanyminutes
ofinactivityyouwillbeautomaticallyloggedout.Ifnotset,thedefault
valuewillbe(session_cache_expire()-1)*/
#$servers->setValue('login','timeout',30);
	
/*Setthisifyouwantphpldapadmintoperformrenameoperationonentrywhich
haschildren.Certainserversareknowntoallowit,certainarenot.*/
//$servers->setValue('server','branch_rename',false);
	
/*Ifyousetthis,thenphpldapadminwillshowtheseattributesas
internalattributes,eveniftheyarenotdefinedinyourschema.*/
//$servers->setValue('server','custom_sys_attrs',array(''));
#$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
	
/*Ifyousetthis,thenphpldapadminwillshowtheseattributeson
objects,eveniftheyarenotdefinedinyourschema.*/
//$servers->setValue('server','custom_attrs',array(''));
#$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
	
/*TheseattributeswillbeforcedtoMAYattributesandbecomeoptioninthe
templates.Iftheyarenotdefinedinthetemplates,thentheywontappear
aspernormaltemplateprocessing.YoumaywanttodothisbecauseyourLDAP
servermayautomaticallycalculateadefaultvalue.
InFedoraDirectoryServerusingtheDNAPluginonecouldignoreuidNumber,
gidNumberandsambaSID.*/
//$servers->setValue('force_may','attrs',array(''));
#$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
	
/*********************************************
*Uniqueattributes*
*********************************************/
	
/*YoumaywantphpLDAPadmintoenforcesomeattributestohaveuniquevalues
(ie:notbelongtootherentriesinyourtree.This(togetherwith
'unique','dn'and'unique','pass'optionwillnotletupdatesto
occurwithotherattributeshavethesamevalue.*/
#$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
	
/*Ifyousetthis,thenphpldapadminwillbindtoLDAPwiththisuserIDwhen
searchingforattributeuniqueness.Theideais,thisuseridwouldhavefull
(readonly)accesstoyourldapdirectory(theloggedinusermaynot),so
thatyoucanbeguaranteedtogetauniqueuidnumberforyourdirectory.*/
//$servers->setValue('unique','dn',null);
	
/*Thepasswordforthednabove.*/
//$servers->setValue('unique','pass',null);
	
/**************************************************************************
*IfyouwanttoconfigureadditionalLDAPservers,dosobelow.*
*Removethecommentedlinesandusethissectionasatemplateforall*
*yourotherLDAPservers.*
**************************************************************************/
	
/*
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAPServer');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
	
#SASLauth
$servers->setValue('server','sasl_auth',true);
$servers->setValue('server','sasl_mech','PLAIN');
$servers->setValue('server','sasl_realm','EXAMPLE.COM');
$servers->setValue('server','sasl_authz_id',null);
$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
$servers->setValue('server','sasl_authz_id_replacement','$1');
$servers->setValue('server','sasl_props',null);
	
$servers->setValue('appearance','password_hash','md5');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
	
$servers->setValue('auto_number','enable',true);
$servers->setValue('auto_number','mechanism','search');
$servers->setValue('auto_number','search_base',null);
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
$servers->setValue('auto_number','dn',null);
$servers->setValue('auto_number','pass',null);
	
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
	
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
*/
//NewServer
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LocalServer');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
	
$servers->setValue('appearance','password_hash','sha');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
//$servers->setValue('login','class',array('person'));
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
	
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
	
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
//$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
	
//NewServer
$servers->newServer('ldap_pla');
$servers->setValue('server','name','Home');
$servers->setValue('server','host',ldap.example.com');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=example,dc=com'));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
	
$servers->setValue('appearance','password_hash','sha');
$servers->setValue('login','attr','uid');
$servers->setValue('login','fallback_dn',false);
//$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
	
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
	
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
//$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID'));
	
?>