Revision

400

Author

buchan

Date

2010-11-22 15:20:10 +0100 (Mon, 22 Nov 2010)

Log Message

Add timelimits for nss_ldap, enable password policy

Modified Paths

• puppet/modules/pam/templates/ldap.conf

Modified: puppet/modules/pam/templates/ldap.conf
===================================================================
--- puppet/modules/pam/templates/ldap.conf	2010-11-22 13:59:56 UTC (rev 399)
+++ puppet/modules/pam/templates/ldap.conf	2010-11-22 14:20:10 UTC (rev 400)
@@ -2,7 +2,9 @@
 
 uri ldaps://ldap.<%= domain %>
 base <%= dc_suffix %>
-pam_lookup_policy no
+timelimit 4
+bind_timelimit 4
+pam_lookup_policy yes
 pam_password exop
 nss_base_passwd ou=People,<%= dc_suffix %>?one
 nss_base_shadow ou=People,<%= dc_suffix %>?one