Option | Description |
---|---|
StripAuthenticationDomain | Strips the login value up to and including the first slash. This will change a login of "coils.example.com\adam" to "adam". This is useful for some clients which may automatically qualify the username with a domain. |
AllowSpacesInLogin | This option is for compatibility with OpenGrouwpare Legacy, it currently has not effect on how Coils processes authentication. |
LSUseLowercaseLogin | If enabled the login value will be changed to lower-case before matched to the account database. Several authentication backends, including LDAP, process account names as case-insensitive strings while others are case-sensitive. Set this directive according to the authentication backend in use. |
All these options are YES / NO.
coils-server-config --directive=LSUseLowercaseLogin --value=YES coils-server-config --directive=LSUseLowercaseLogin --value=YES
If you are attempting to use the Microsoft Windows Filesystem Redirector to access or mount OpenGroupware Coils via WeDAV and are failing with a "System Error 5 has occurred" enabling the StripAuthenticationDomain is a probable solution.
The PYTrustedHosts configuration directive is a list of hostnames from which connections should be trusted. When a connection is trusted the credentials are not verified, the connection will be authenticated as the declared user/context.
coils-server-config --directive=PYTrustedHosts --value='["host1.example.com","host2.example.net"]'
Be cautions when adding host names to PYTrustedHosts. DNS is not necessarily a secure server and, especially if proxy servers are involved, the true origin of a connection can be obscured.
LDAP Authentication is enabled for BASIC authentication if the LSAuthLDAPServer directive is defined.
Option | Description |
---|---|
LSAuthLDAPServer | |
LSAuthLDAPSearchFilter | |
LSAuthLDAPServerRoot | |
LDAPInitialBindDN | |
LDAPInitialBindPW | |
LDAPLoginAttributeName |
News: 2013/02/authentication-documentation
Wiki: MSRedirector