blob: 5e5506610bde73150ba89739b663b3db6fce423b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
rootbinddn cn=<%= fqdn %>,ou=Hosts,<%= dc_suffix %>
uri ldaps://ldap.<%= domain %>
base <%= dc_suffix %>
timelimit 4
bind_timelimit 4
pam_lookup_policy yes
pam_password exop
nss_base_passwd ou=People,<%= dc_suffix %>?one
nss_base_shadow ou=People,<%= dc_suffix %>?one
nss_base_group ou=Group,<%= dc_suffix %>?one
nss_schema rfc2307bis
nss_map_attribute uniqueMember member
sudoers_base ou=sudoers,<%= dc_suffix %>
#sudoers_debug 2
<%-
restricted_shell = scope.lookupvar('pam::multiple_ldap_access::restricted_shell')
if restricted_shell
-%>
# for restricted access
nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
<% end %>
|