From 5639ffcf65b88513e9f71aa6fdbbfda34e3cbf9a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Wed, 4 Jul 2012 11:43:47 +0300
Subject: [PATCH] Fixed ldap::auth for Fedora 17.

---
 ldap/manifests/init.pp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp
index fe3b7f1..b9eda70 100644
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@@ -96,7 +96,7 @@ class ldap::auth inherits ldap::client {
             package { [ "sssd", "pam_ldap", ]:
                 ensure => installed,
             }
-            exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --update":
+            exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --krb5realm='' --update":
                 path    => "/bin:/usr/bin:/sbin:/usr/sbin",
                 unless  => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"',
                 before  => Augeas["sssd-conf"],
@@ -106,6 +106,8 @@ class ldap::auth inherits ldap::client {
                 changes => [
                   "set target[1]/ldap_tls_reqcert never",
                   "set target[1]/enumerate true",
+                  "set target[1]/ldap_schema rfc2307bis",
+                  "set target[1]/ldap_group_member uniqueMember",
                 ],
                 incl    => "/etc/sssd/sssd.conf",
                 lens    => "MySQL.lns",