ldap: Converted nslcd.conf to template and added support for active directory attribute mappings.
This commit is contained in:
parent
d0a5bca536
commit
9a1964c71a
2 changed files with 55 additions and 32 deletions
34
ldap/templates/nslcd.conf.erb
Normal file
34
ldap/templates/nslcd.conf.erb
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
uid nslcd
|
||||
<% if @operatingsystem == "Ubuntu" -%>
|
||||
gid nslcd
|
||||
<% else -%>
|
||||
gid ldap
|
||||
<% end -%>
|
||||
|
||||
uri <%= @ldap_uri %>
|
||||
base <%= @ldap_basedn %>
|
||||
|
||||
<% if ['ad','activedirectory'].index(@mapping) -%>
|
||||
pagesize 1000
|
||||
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*))
|
||||
map passwd uid sAMAccountName
|
||||
map passwd gecos displayName
|
||||
map passwd loginShell "${loginShell:-/bin/bash}"
|
||||
map passwd homeDirectory "${unixHomeDirectory:-/home/$sAMAccountName}"
|
||||
filter group (&(objectClass=group)(gidNumber=*))
|
||||
<% if @operatingsystem == "CentOS" -%>
|
||||
map group uniqueMember member
|
||||
<% end -%>
|
||||
<% else -%>
|
||||
pagesize 500
|
||||
<% if @operatingsystem != "CentOS" -%>
|
||||
map group member uniqueMember
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
<% if @ldap_uri =~ /^ldaps:/ -%>
|
||||
ssl on
|
||||
tls_reqcert never
|
||||
<% else -%>
|
||||
ssl off
|
||||
<% end -%>
|
||||
Loading…
Add table
Add a link
Reference in a new issue