diff options
| -rw-r--r-- | modules/pam/manifests/init.pp | 3 | ||||
| -rw-r--r-- | modules/pam/templates/ldap.conf | 3 |
2 files changed, 5 insertions, 1 deletions
diff --git a/modules/pam/manifests/init.pp b/modules/pam/manifests/init.pp index 210526c9..20a8f58a 100644 --- a/modules/pam/manifests/init.pp +++ b/modules/pam/manifests/init.pp @@ -20,6 +20,9 @@ class pam { mode => 644, content => template("pam/nsswitch.conf") } + + $nssldap_password = extlookup("nssldap_password") + file { "ldap.conf": path => "/etc/ldap.conf", owner => root, diff --git a/modules/pam/templates/ldap.conf b/modules/pam/templates/ldap.conf index 35575845..61f1bee7 100644 --- a/modules/pam/templates/ldap.conf +++ b/modules/pam/templates/ldap.conf @@ -1,4 +1,5 @@ - +binddn uid=nssldap,ou=System Accounts,<%= dc_suffix %> +bindpw <%= nssldap_password %> uri ldaps://ldap.<%= domain %> base <%= dc_suffix %> pam_lookup_policy no |