All configuration settings in the [ldapenforcer] section can also be set via environment variables using the following format:
LDAPENFORCER_<SETTING_NAME>
Where <SETTING_NAME> is the uppercase name of the configuration setting with underscores. For example:
LDAPENFORCER_URIfor the LDAP URILDAPENFORCER_BIND_DNfor the bind DNLDAPENFORCER_PASSWORDfor the passwordLDAPENFORCER_PASSWORD_FILEfor the password file pathLDAPENFORCER_CA_CERT_FILEfor the CA certificate fileLDAPENFORCER_LOG_LEVELfor the main log levelLDAPENFORCER_LDAP_LOG_LEVELfor the LDAP-specific log levelLDAPENFORCER_PEOPLE_BASE_DNfor the people base DNLDAPENFORCER_SVCACCT_BASE_DNfor the service accounts base DNLDAPENFORCER_GROUP_BASE_DNfor the groups base DNLDAPENFORCER_MANAGED_OUfor the managed OU name
For boolean settings like password_command_via_shell, the value should be a valid boolean string:
LDAPENFORCER_PASSWORD_COMMAND_VIA_SHELL="true"for trueLDAPENFORCER_PASSWORD_COMMAND_VIA_SHELL="false"for false
For the includes setting, the value should be a comma-separated list:
LDAPENFORCER_INCLUDES="file1.toml,file2.toml"orLDAPENFORCER_INCLUDES="file1.toml, file2.toml"
Note that users and groups must be configured in TOML config files.