'self_registration_message'=>'If you would like to send us a registration request, please fill out the form below. Make sure you fill out as much information as possible in order to ease the task of the administrators.',
'newUserText'=>'Dear new MISP user,\\n\\nWe would hereby like to welcome you to the $org MISP community.\\n\\n Use the credentials below to log into MISP at $misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: $username\\nPassword: $password\\n\\nIf you have any questions, don\'t hesitate to contact us at: $contact.\\n\\nBest regards,\\nYour $org MISP support team',
'passwordResetText'=>'Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at $misp, here you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: $username\\nYour temporary password: $password\\n\\nIf you have any questions, don\'t hesitate to contact us at: $contact.\\n\\nBest regards,\\n Your $org MISP support team',
'enableEventBlocklisting'=>true,
'enableOrgBlocklisting'=>true,
'log_client_ip'=>false,
'log_auth'=>false,
'disableUserSelfManagement'=>false,
'disable_user_login_change'=>false,
'disable_user_password_change'=>false,
'disable_user_add'=>false,
'block_event_alert'=>false,
'block_event_alert_tag'=>'no-alerts="true"',
'block_old_event_alert'=>false,
'block_old_event_alert_age'=>0,
'block_old_event_alert_by_date'=>0,
'incoming_tags_disabled_by_default'=>false,
'maintenance_message'=>'Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at $email.',
// Uncomment the following to enable client SSL certificate authentication
/*
'CertAuth'=>array(
// CA
'ca'=>array('FIRST.Org'),// List of CAs authorized
'caId'=>'O',// Certificate field used to verify the CA. In this example, the field O (organization) of the client certificate has to equal to 'FIRST.Org' in order to validate the CA
// User/client configuration
'userModel'=>'User',// name of the User class (MISP class) to check if the user exists
'userModelKey'=>'email',// User field that will be used for querying. In this example, the field email of the MISP accounts will be used to search if the user exists.
'map'=>array(// maps client certificate attributes to User properties. This map will be used as conditions to find if the user exists. In this example, the client certificate fields 'O' (organization) and 'emailAddress' have to match with the MISP fields 'org' and 'email' to validate the user.
// 'memberOf', //Needed filter if roles should be added depending on group membership.
),
'ldapDefaultRoleId'=>3,// 3:User, 1:admin. May be good to set "1" for the first user
//ldapDefaultRoleId can also be set as an array to support creating users into different group, depending on ldap membership.
//This will only work if the ldap server supports memberOf
//'ldapDefaultRoleId' => array(
// 'misp_admin' => 1,
// 'misp_orgadmin' => 2,
// 'misp_user' => 3,
// 'misp_publisher' => 4,
// 'misp_syncuser' => 5,
// 'misp_readonly' => 6,
// ),
//
'ldapDefaultOrg'=>'1',// uses 1st local org in MISP if undefined,
'ldapAllowReferrals'=>true,// allow or disallow chasing LDAP referrals
//'ldapEmailField' => array('emailAddress, 'mail'), // Optional : fields from which the email address should be retrieved. Default to 'mail' only. If more than one field is set (e.g. 'emailAddress' and 'mail' in this example), only the first one will be used.
//'updateUser' => true, // Optional : Will update user on LDAP login to update user fields (e.g. role)
),
*/
// Warning: The following is a 3rd party contribution and still untested (including security) by the MISP-project team.
// Feel free to enable it and report back to us if you run into any issues.
//
// Uncomment the following to enable Azure AD authentication
/*
'AadAuth'=>array(
'client_id'=>'',// Client ID (see Azure AD)
'ad_tenant'=>'',// Directory ID (see Azure AD)
'client_secret'=>'',// Client secret (see Azure AD)
'redirect_uri'=>'',// Your MISP URI, must be the same as in Azure AD
'auth_provider'=>'https://login.microsoftonline.com/',// Can be left to this default
'auth_provider_user'=>'https://graph.microsoft.com/',// Can be left to this default
'misp_user'=>'MISP Users',// The AD group for MISP users
'misp_orgadmin'=>'MISP Administrators',// The AD group for MISP administrators
'misp_siteadmin'=>'MISP Site Administrators',// The AD group for MISP site administrators
'check_ad_groups'=>true// Should we check if the user belongs to one of the above AD groups?