48 lines
1.1 KiB
Text
48 lines
1.1 KiB
Text
uid nslcd
|
|
<% if @operatingsystem == "Ubuntu" -%>
|
|
gid nslcd
|
|
<% else -%>
|
|
gid ldap
|
|
<% end -%>
|
|
|
|
uri <%= @ldap_uri %>
|
|
base <%= @ldap_basedn %>
|
|
|
|
# time out searches after 30 seconds
|
|
timelimit 30
|
|
# close idle connections after 10 minutes
|
|
idle_timelimit 600
|
|
|
|
<% if ['ad','activedirectory'].index(@mapping) -%>
|
|
pagesize 1000
|
|
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*))
|
|
map passwd uid sAMAccountName
|
|
map passwd gecos displayName
|
|
map passwd loginShell "${loginShell:-/bin/bash}"
|
|
map passwd homeDirectory "${unixHomeDirectory:-/home/$sAMAccountName}"
|
|
filter group (&(objectClass=group)(gidNumber=*))
|
|
<% if @member_attr != "member" -%>
|
|
map group <%= @member_attr %> member
|
|
<% end -%>
|
|
<% else -%>
|
|
pagesize 500
|
|
<% if @member_attr != "uniqueMember" -%>
|
|
map group <%= @member_attr %> uniqueMember
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if @auth == 'bind' -%>
|
|
|
|
binddn <%= @credentials[0] %>
|
|
bindpw <%= @credentials[1] %>
|
|
<% elsif @auth == 'gssapi' -%>
|
|
|
|
sasl_mech GSSAPI
|
|
krb5_ccname FILE:/var/run/nslcd/krb5cc_nslcd
|
|
<% end -%>
|
|
|
|
<% if @ldap_uri =~ /^ldaps:/ -%>
|
|
ssl on
|
|
tls_reqcert never
|
|
<% else -%>
|
|
ssl off
|
|
<% end -%>
|