From c9bda43e9f60b287bc43e25e8fce946314280ecd Mon Sep 17 00:00:00 2001
From: Michael Scherer <misc@mageia.org>
Date: Wed, 17 Nov 2010 16:25:42 +0000
Subject: - fix templates ( again ) - add ldap.conf

---
 modules/pam/templates/ldap.conf | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 modules/pam/templates/ldap.conf

(limited to 'modules/pam/templates')

diff --git a/modules/pam/templates/ldap.conf b/modules/pam/templates/ldap.conf
new file mode 100644
index 00000000..c614223e
--- /dev/null
+++ b/modules/pam/templates/ldap.conf
@@ -0,0 +1,22 @@
+<%
+dc_suffix = 'dc=' + domain.gsub('.',',dc=')
+%>
+
+uri ldap://ldap.<%= domain %>
+base <%= dc_suffix %>
+pam_lookup_policy no
+pam_password exop
+nss_base_passwd ou=People,<%= dc_suffix %>?one
+nss_base_shadow ou=People,<%= dc_suffix %>?one
+nss_base_group  ou=Group,<%= dc_suffix %>?one
+
+nss_schema rfc2307bis
+nss_map_attribute uniqueMember member
+sudoers_base ou=sudoers,<%= dc_suffix %>
+#sudoers_debug 2
+
+<% if access_class = 'commiters' %>
+# for restricted access
+nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
+<% end %>
+
-- 
cgit v1.2.1