bc-serverservice AD

This is a user service which maps Active Directory users and groups into BeyondCron users and roles.

Environment variables

BEYONDCRON_STATUS_SERVICE AD
AD_CONFIG Name of a configuration file containing Active Directory user service configuration variables. If not an absolute file name, BeyondCron will search BEYONDCRON_DIR_CONFIG, the directory in which bc-server was started, and ~/.AD_CONFIG for this file. Default is ad.dat

Configuration variables

The following configuration variables can be defined within the AD_CONFIG file, or as environment variables.

AD_URL Active Directory server LDAP URL.
e.g. ldap://example.com:389/
AD_QUERY_USER_DN Distinguished name of user with read access to Active Directory user and group entries.
e.g. Example\beyondcron
AD_QUERY_USER_PASSWORD Password of query user.
AD_USERS_DN Distinguished name of the node containing Active Directory user entries.
e.g. CN=Users,DC=example,DC=com
AD_GROUPS_DN Distinguished name of the node containing Active Directory group entries. Default is AD_USERS_DN
AD_REFRESH_PERIOD Period in minutes after which the Active Directory user/group → BeyondCron user/role mappings are refreshed. The command user service can be used to refresh on demand. Default is 15 minutes.
AD_GROUP_PREFIX Any Active Directory groups named with this prefix will be mapped within BeyondCron as roles without the prefix. e.g. bc_operatoroperator. Any users belonging to these groups will be registered as belonging to the resultant role. Default is bc_
AD_GROUP_REQUIRED If true, only Active Directory users who belong to one or more bc_name groups will be able to login to BeyondCron. Default is false

See also

  • service user AWS
  • service user Unix