config.yml

Log Settings

The following table describes log settings items.

Parameter NameDescriptionRequiredPossible ValuesDefaultExample ConfigurationComments
log

loglevel

Level of output log entry

Yes

One of the following possible values

  • info
  • warn
  • error
 

info

Refer to "Logs" for more information on log levels.

Active Directory Settings

The following table describes the Active Directory settings items.

Parameter NameDescriptionRequiredPossible ValuesDefaultExample ConfigurationComments
ad

ldap

server

user

AD DS login user
Yes

DN (distinguished name)

 

'CN=administrator,CN=Users,DC=example,DC=co,DC=jp'

 
base_dn

Base distinguished name

Yes
DN (distinguished name) 

'DC=example,DC=co,DC=jp'

 
filteruser

Specifies the filter used to search users via LDAP

 

Search filter format usable by ldapsearch (compliant with RFC 1558)

 

'cn=IIJ Taro'

 

IIJ ID Server Settings

The following table describes IIJ ID SCIM server connection settings items.

Parameter Name

Description

Required

Possible Values

Default

Example Configuration

Comments

iid


scim


 http


proxy


use

Enables use of a proxy for communication with the SCIM server

 

One of the following possible values

  • true

  • false

falsetrue 

address

IP address or host name of the proxy server

 IP address or host name proxy.example.co.jp 
port

Port number of the proxy server

 

Value from 1 to 65535

8080

8080

 
userUser name used for proxy authentication    iij-taro

Enabled when iid.scim.http.proxy.password (secret.yml) is also described 

User Settings

These settings are used to configure Active Directory attributes tied to IIJ ID users.

Parameter Name

Description

Required

Possible Values

Default

Example Configuration

Comments

iidscimattributeuserad_bind

externalId

External ID

Yes

One of the following possible values

  • objectGUID
  • userPrincipalName
  • sAMAccountName
  • mail
 

objectGUID

 
【注意】

If using the software together with Directory Sync, make sure that the external IDs (users) are configured the same in both Directory Sync and Password Sync.

【参考】

External IDs configured here function as attributes to create correspondence between Active Directory and the IIJ ID Service.