From 8e8515543d132589d7f39de334c461719c958269 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Wed, 30 Nov 2011 16:46:25 +0200
Subject: [PATCH] Fixed ca cert check removal from ldap::auth on CentOS 6.

---
 ldap/manifests/init.pp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp
index db8153a..5e05300 100644
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@@ -34,7 +34,8 @@ class ldap::auth inherits ldap::client {
                     augeas { "nslcd-conf":
                         changes => [ "set pagesize 500",
                                      "set ssl on",
-                                     "set tls_reqcert never", ],
+                                     "set tls_reqcert never",
+                                     "rm tls_cacertdir", ],
                         onlyif  => [ "get pagesize != 500",
                                      "get ssl != on",
                                      "get tls_reqcert != never", ],
@@ -44,7 +45,8 @@ class ldap::auth inherits ldap::client {
                     }
                     augeas { "pam-ldap-conf":
                         changes => [ "set ssl on",
-                                     "set pam_password exop", ],
+                                     "set pam_password exop",
+                                     "rm tls_cacertdir", ],
                         onlyif  => [ "get ssl != on",
                                      "get pam_password != exop", ],
                         incl    => "/etc/pam_ldap.conf",