lisp/net/{eudc,ldap}: Merge branch streamline-eudc-configuration

author: Stefan Monnier 2015-01-23 17:20:19 -0500
committer: Stefan Monnier 2015-01-23 17:20:19 -0500
commit: ac5475dacb20d240db27d56199910d8a6fcc90e8 (patch)
tree: 2f18fd1d40f2ba65122636bf81730ccb614a166b /doc/misc
parent: fd62486e819056bc9d0f00c09731a45a7f837997 (diff)
parent: e56e1b924d23a358a14ab069237db35a1c76d6a9 (diff)
download: emacs-ac5475dacb20d240db27d56199910d8a6fcc90e8.tar.gz
emacs-ac5475dacb20d240db27d56199910d8a6fcc90e8.zip
2 files changed, 129 insertions, 10 deletions
diff --git a/doc/misc/ChangeLog b/doc/misc/ChangeLog
index 2baa13cea8c..e75589f92ec 100644
--- a/doc/misc/ChangeLog
+++ b/doc/misc/ChangeLog
@@ -1,3 +1,8 @@
+2015-01-23  Thomas Fitzsimmons  <fitzsim@fitzsim.org>
+        * eudc.texi (LDAP Configuration): Rename from LDAP Requirements
+        and provide configuration examples.
 2015-01-17  Stefan Monnier  <monnier@iro.umontreal.ca>
        * eieio.texi (Slot Options): Document :protection as unsupported.
@@ -28,8 +33,8 @@
 2014-12-18  Eric Abrahamsen  <eric@ericabrahamsen.net>
-        * gnus.texi (Gnus Registry Setup): Explain pruning changes.  Mention
+        * gnus.texi (Gnus Registry Setup): Explain pruning changes.
-        gnus-registry-prune-factor. Explain sorting changes and
+        Mention gnus-registry-prune-factor. Explain sorting changes and
        gnus-registry-default-sort-function. Correct file extension.
 2014-12-17  Jay Belanger  <jay.p.belanger@gmail.com>
diff --git a/doc/misc/eudc.texi b/doc/misc/eudc.texi
index b5a4e3aae40..9757c82fe7e 100644
--- a/doc/misc/eudc.texi
+++ b/doc/misc/eudc.texi
@@ -137,7 +137,7 @@ location, etc@enddots{} More information about LDAP can be found at
 @url{http://www.openldap.org/}.
 EUDC requires external support to access LDAP directory servers
-(@pxref{LDAP Requirements})
+(@pxref{LDAP Configuration})
 @node CCSO PH/QI
@@ -213,17 +213,131 @@ email composition buffers (@pxref{Inline Query Expansion})
 @end lisp
 @menu
-* LDAP Requirements::           EUDC needs external support for LDAP
+* LDAP Configuration::           EUDC needs external support for LDAP
 @end menu
-@node LDAP Requirements
+@node LDAP Configuration
-@section LDAP Requirements
+@section LDAP Configuration
-LDAP support is added by means of @file{ldap.el}, which is part of Emacs.
+LDAP support is added by means of @file{ldap.el}, which is part of
-@file{ldap.el} needs an external command line utility named
+Emacs.  @file{ldap.el} needs an external command line utility named
-@file{ldapsearch}, available as part of Open LDAP
+@file{ldapsearch}, available as part of OpenLDAP
-(@url{http://www.openldap.org/}).
+(@url{http://www.openldap.org/}).  The configurations in this section
+were tested with OpenLDAP 2.4.23.
+The following examples use a base of
+@code{ou=people,dc=example,dc=com} and the host name
+@code{directory.example.com}, a server that supports LDAP-over-SSL
+(the @code{ldaps} protocol, with default port @code{636}) and which
+requires authentication by the user @code{emacsuser} with password
+@code{s3cr3t}.
+These configurations are meant to be self-contained; that is, each
+provides everything required for sensible TAB-completion of email
+fields.  BBDB lookups are attempted first; if a matching BBDB entry is
+found then EUDC will not attempt any LDAP lookups.
+Wildcard LDAP lookups are supported using the @code{*} character.  For
+example, attempting to TAB-complete the following:
+@example
+To: * Smith
+@end example
+will return all LDAP entries with surnames that begin with
+@code{Smith}.  In every LDAP query it makes, EUDC implicitly appends
+the wildcard character to the end of the last word.
+@subsection Emacs-only Configuration
+Emacs can pass most required configuration options via the
+@file{ldapsearch} command-line.  One exception is certificate
+configuration for LDAP-over-SSL, which must be specified in
+@file{/etc/openldap/ldap.conf}.  On systems that provide such
+certificates as part of the @code{OpenLDAP} installation, this can be
+as simple as one line:
+@example
+TLS_CACERTDIR /etc/openldap/certs
+@end example
+In @file{.emacs}, these expressions suffice to configure EUDC for
+LDAP:
+@lisp
+(eval-after-load "message"
+  '(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
+(customize-set-variable 'eudc-server-hotlist
+                        '(("" . bbdb)
+                          ("ldaps://directory.example.com" . ldap)))
+(customize-set-variable 'ldap-host-parameters-alist
+                        '(("ldaps://directory.example.com"
+                           base "ou=people,dc=example,dc=com"
+                           binddn "example\\emacsuser"
+                           passwd ldap-password-read)))
+@end lisp
+Specifying the function @code{ldap-password-read} for @code{passwd}
+will cause Emacs to prompt interactively for the password.  The
+password will then be validated and cached, unless
+@code{password-cache} is nil.  You can customize
+@code{password-cache-expiry} to control the duration for which the
+password is cached.  If you want to clear the cache, call
+@code{password-reset}.
+@subsection External Configuration
+Your system may already be configured for a default LDAP server.  For
+example, @file{/etc/openldap/ldap.conf} might contain:
+@example
+BASE ou=people,dc=example,dc=com
+URI ldaps://directory.example.com
+TLS_CACERTDIR /etc/openldap/certs
+@end example
+To authenticate, the @dfn{bind distinguished name (binddn)} is
+required, in this case, @code{example\emacsuser}, along with the
+password.  These can be specified in @file{~/.authinfo.gpg} with the
+following line:
+@example
+machine ldaps://directory.example.com binddn example\emacsuser password s3cr3t
+@end example
+Then in the @file{.emacs} init file, these expressions suffice to
+configure EUDC for LDAP:
+@lisp
+(eval-after-load "message"
+  '(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
+(customize-set-variable 'eudc-server-hotlist
+                        '(("" . bbdb)
+                          ("ldaps://directory.example.com" . ldap)))
+(customize-set-variable 'ldap-host-parameters-alist
+                        '(("ldaps://directory.example.com"
+                           auth-source t)))
+@end lisp
+For this example where we only care about one server, the server name
+can be omitted in @file{~/.authinfo.gpg} and @file{.emacs}, in which
+case @file{ldapsearch} defaults to the host name in
+@file{/etc/openldap/ldap.conf}.
+The @file{~/.authinfo.gpg} line becomes:
+@example
+binddn example\emacsuser password s3cr3t
+@end example
+and the @file{.emacs} expressions become:
+@lisp
+(eval-after-load "message"
+  '(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
+(customize-set-variable 'eudc-server-hotlist '(("" . bbdb) ("" . ldap)))
+(customize-set-variable 'ldap-host-parameters-alist '(("" auth-source t)))
+@end lisp
 @node Usage
 @chapter Usage
author	Stefan Monnier	2015-01-23 17:20:19 -0500
committer	Stefan Monnier	2015-01-23 17:20:19 -0500
commit	ac5475dacb20d240db27d56199910d8a6fcc90e8 (patch)
tree	2f18fd1d40f2ba65122636bf81730ccb614a166b /doc/misc
parent	fd62486e819056bc9d0f00c09731a45a7f837997 (diff)
parent	e56e1b924d23a358a14ab069237db35a1c76d6a9 (diff)
download	emacs-ac5475dacb20d240db27d56199910d8a6fcc90e8.tar.gz emacs-ac5475dacb20d240db27d56199910d8a6fcc90e8.zip

diff --git a/doc/misc/ChangeLog b/doc/misc/ChangeLog index 2baa13cea8c..e75589f92ec 100644 --- a/doc/misc/ChangeLog +++ b/doc/misc/ChangeLog
@@ -1,3 +1,8 @@
		1	2015-01-23 Thomas Fitzsimmons <fitzsim@fitzsim.org>
		2
		3	* eudc.texi (LDAP Configuration): Rename from LDAP Requirements
		4	and provide configuration examples.
		5
1	2015-01-17 Stefan Monnier <monnier@iro.umontreal.ca>	6	2015-01-17 Stefan Monnier <monnier@iro.umontreal.ca>
2		7
3	* eieio.texi (Slot Options): Document :protection as unsupported.	8	* eieio.texi (Slot Options): Document :protection as unsupported.
@@ -28,8 +33,8 @@
28		33
29	2014-12-18 Eric Abrahamsen <eric@ericabrahamsen.net>	34	2014-12-18 Eric Abrahamsen <eric@ericabrahamsen.net>
30		35
31	* gnus.texi (Gnus Registry Setup): Explain pruning changes. Mention	36	* gnus.texi (Gnus Registry Setup): Explain pruning changes.
32	gnus-registry-prune-factor. Explain sorting changes and	37	Mention gnus-registry-prune-factor. Explain sorting changes and
33	gnus-registry-default-sort-function. Correct file extension.	38	gnus-registry-default-sort-function. Correct file extension.
34		39
35	2014-12-17 Jay Belanger <jay.p.belanger@gmail.com>	40	2014-12-17 Jay Belanger <jay.p.belanger@gmail.com>


diff --git a/doc/misc/eudc.texi b/doc/misc/eudc.texi index b5a4e3aae40..9757c82fe7e 100644 --- a/doc/misc/eudc.texi +++ b/doc/misc/eudc.texi
@@ -137,7 +137,7 @@ location, etc@enddots{} More information about LDAP can be found at
137	@url{http://www.openldap.org/}.	137	@url{http://www.openldap.org/}.
138		138
139	EUDC requires external support to access LDAP directory servers	139	EUDC requires external support to access LDAP directory servers
140	(@pxref{LDAP Requirements})	140	(@pxref{LDAP Configuration})
141		141
142		142
143	@node CCSO PH/QI	143	@node CCSO PH/QI
@@ -213,17 +213,131 @@ email composition buffers (@pxref{Inline Query Expansion})
213	@end lisp	213	@end lisp
214		214
215	@menu	215	@menu
216	* LDAP Requirements:: EUDC needs external support for LDAP	216	* LDAP Configuration:: EUDC needs external support for LDAP
217	@end menu	217	@end menu
218		218
219	@node LDAP Requirements	219	@node LDAP Configuration
220	@section LDAP Requirements	220	@section LDAP Configuration
221		221
222	LDAP support is added by means of @file{ldap.el}, which is part of Emacs.	222	LDAP support is added by means of @file{ldap.el}, which is part of
223	@file{ldap.el} needs an external command line utility named	223	Emacs. @file{ldap.el} needs an external command line utility named
224	@file{ldapsearch}, available as part of Open LDAP	224	@file{ldapsearch}, available as part of OpenLDAP
225	(@url{http://www.openldap.org/}).	225	(@url{http://www.openldap.org/}). The configurations in this section
		226	were tested with OpenLDAP 2.4.23.
226		227
		228	The following examples use a base of
		229	@code{ou=people,dc=example,dc=com} and the host name
		230	@code{directory.example.com}, a server that supports LDAP-over-SSL
		231	(the @code{ldaps} protocol, with default port @code{636}) and which
		232	requires authentication by the user @code{emacsuser} with password
		233	@code{s3cr3t}.
		234
		235	These configurations are meant to be self-contained; that is, each
		236	provides everything required for sensible TAB-completion of email
		237	fields. BBDB lookups are attempted first; if a matching BBDB entry is
		238	found then EUDC will not attempt any LDAP lookups.
		239
		240	Wildcard LDAP lookups are supported using the @code{*} character. For
		241	example, attempting to TAB-complete the following:
		242
		243	@example
		244	To: * Smith
		245	@end example
		246
		247	will return all LDAP entries with surnames that begin with
		248	@code{Smith}. In every LDAP query it makes, EUDC implicitly appends
		249	the wildcard character to the end of the last word.
		250
		251	@subsection Emacs-only Configuration
		252
		253	Emacs can pass most required configuration options via the
		254	@file{ldapsearch} command-line. One exception is certificate
		255	configuration for LDAP-over-SSL, which must be specified in
		256	@file{/etc/openldap/ldap.conf}. On systems that provide such
		257	certificates as part of the @code{OpenLDAP} installation, this can be
		258	as simple as one line:
		259
		260	@example
		261	TLS_CACERTDIR /etc/openldap/certs
		262	@end example
		263
		264	In @file{.emacs}, these expressions suffice to configure EUDC for
		265	LDAP:
		266
		267	@lisp
		268	(eval-after-load "message"
		269	'(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
		270	(customize-set-variable 'eudc-server-hotlist
		271	'(("" . bbdb)
		272	("ldaps://directory.example.com" . ldap)))
		273	(customize-set-variable 'ldap-host-parameters-alist
		274	'(("ldaps://directory.example.com"
		275	base "ou=people,dc=example,dc=com"
		276	binddn "example\\emacsuser"
		277	passwd ldap-password-read)))
		278	@end lisp
		279
		280	Specifying the function @code{ldap-password-read} for @code{passwd}
		281	will cause Emacs to prompt interactively for the password. The
		282	password will then be validated and cached, unless
		283	@code{password-cache} is nil. You can customize
		284	@code{password-cache-expiry} to control the duration for which the
		285	password is cached. If you want to clear the cache, call
		286	@code{password-reset}.
		287
		288	@subsection External Configuration
		289
		290	Your system may already be configured for a default LDAP server. For
		291	example, @file{/etc/openldap/ldap.conf} might contain:
		292
		293	@example
		294	BASE ou=people,dc=example,dc=com
		295	URI ldaps://directory.example.com
		296	TLS_CACERTDIR /etc/openldap/certs
		297	@end example
		298
		299	To authenticate, the @dfn{bind distinguished name (binddn)} is
		300	required, in this case, @code{example\emacsuser}, along with the
		301	password. These can be specified in @file{~/.authinfo.gpg} with the
		302	following line:
		303
		304	@example
		305	machine ldaps://directory.example.com binddn example\emacsuser password s3cr3t
		306	@end example
		307
		308	Then in the @file{.emacs} init file, these expressions suffice to
		309	configure EUDC for LDAP:
		310
		311	@lisp
		312	(eval-after-load "message"
		313	'(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
		314	(customize-set-variable 'eudc-server-hotlist
		315	'(("" . bbdb)
		316	("ldaps://directory.example.com" . ldap)))
		317	(customize-set-variable 'ldap-host-parameters-alist
		318	'(("ldaps://directory.example.com"
		319	auth-source t)))
		320	@end lisp
		321
		322	For this example where we only care about one server, the server name
		323	can be omitted in @file{~/.authinfo.gpg} and @file{.emacs}, in which
		324	case @file{ldapsearch} defaults to the host name in
		325	@file{/etc/openldap/ldap.conf}.
		326
		327	The @file{~/.authinfo.gpg} line becomes:
		328
		329	@example
		330	binddn example\emacsuser password s3cr3t
		331	@end example
		332
		333	and the @file{.emacs} expressions become:
		334
		335	@lisp
		336	(eval-after-load "message"
		337	'(define-key message-mode-map (kbd "TAB") 'eudc-expand-inline))
		338	(customize-set-variable 'eudc-server-hotlist '(("" . bbdb) ("" . ldap)))
		339	(customize-set-variable 'ldap-host-parameters-alist '(("" auth-source t)))
		340	@end lisp
227		341
228	@node Usage	342	@node Usage
229	@chapter Usage	343	@chapter Usage