Blame nslcd.conf

Packit 6bd9ab
# This is the configuration file for the LDAP nameservice
Packit 6bd9ab
# switch library's nslcd daemon. It configures the mapping
Packit 6bd9ab
# between NSS names (see /etc/nsswitch.conf) and LDAP
Packit 6bd9ab
# information in the directory.
Packit 6bd9ab
# See the manual page nslcd.conf(5) for more information.
Packit 6bd9ab
Packit 6bd9ab
# The user and group nslcd should run as.
Packit 6bd9ab
uid nslcd
Packit 6bd9ab
gid nslcd
Packit 6bd9ab
Packit 6bd9ab
# The uri pointing to the LDAP server to use for name lookups.
Packit 6bd9ab
# Multiple entries may be specified. The address that is used
Packit 6bd9ab
# here should be resolvable without using LDAP (obviously).
Packit 6bd9ab
#uri ldap://127.0.0.1/
Packit 6bd9ab
#uri ldaps://127.0.0.1/
Packit 6bd9ab
#uri ldapi://%2fvar%2frun%2fldapi_sock/
Packit 6bd9ab
# Note: %2f encodes the '/' used as directory separator
Packit 6bd9ab
uri ldap://127.0.0.1/
Packit 6bd9ab
Packit 6bd9ab
# The LDAP version to use (defaults to 3
Packit 6bd9ab
# if supported by client library)
Packit 6bd9ab
#ldap_version 3
Packit 6bd9ab
Packit 6bd9ab
# The distinguished name of the search base.
Packit 6bd9ab
base dc=example,dc=com
Packit 6bd9ab
Packit 6bd9ab
# The distinguished name to bind to the server with.
Packit 6bd9ab
# Optional: default is to bind anonymously.
Packit 6bd9ab
#binddn cn=proxyuser,dc=example,dc=com
Packit 6bd9ab
Packit 6bd9ab
# The credentials to bind with.
Packit 6bd9ab
# Optional: default is no credentials.
Packit 6bd9ab
# Note that if you set a bindpw you should check the permissions of this file.
Packit 6bd9ab
#bindpw secret
Packit 6bd9ab
Packit 6bd9ab
# The distinguished name to perform password modifications by root by.
Packit 6bd9ab
#rootpwmoddn cn=admin,dc=example,dc=com
Packit 6bd9ab
Packit 6bd9ab
# The default search scope.
Packit 6bd9ab
#scope sub
Packit 6bd9ab
#scope one
Packit 6bd9ab
#scope base
Packit 6bd9ab
Packit 6bd9ab
# Customize certain database lookups.
Packit 6bd9ab
#base   group  ou=Groups,dc=example,dc=com
Packit 6bd9ab
#base   passwd ou=People,dc=example,dc=com
Packit 6bd9ab
#base   shadow ou=People,dc=example,dc=com
Packit 6bd9ab
#scope  group  onelevel
Packit 6bd9ab
#scope  hosts  sub
Packit 6bd9ab
Packit 6bd9ab
# Bind/connect timelimit.
Packit 6bd9ab
#bind_timelimit 30
Packit 6bd9ab
Packit 6bd9ab
# Search timelimit.
Packit 6bd9ab
#timelimit 30
Packit 6bd9ab
Packit 6bd9ab
# Idle timelimit. nslcd will close connections if the
Packit 6bd9ab
# server has not been contacted for the number of seconds.
Packit 6bd9ab
#idle_timelimit 3600
Packit 6bd9ab
Packit 6bd9ab
# Use StartTLS without verifying the server certificate.
Packit 6bd9ab
#ssl start_tls
Packit 6bd9ab
#tls_reqcert never
Packit 6bd9ab
Packit 6bd9ab
# CA certificates for server certificate verification
Packit 6bd9ab
#tls_cacertdir /etc/ssl/certs
Packit 6bd9ab
#tls_cacertfile /etc/ssl/ca.cert
Packit 6bd9ab
Packit 6bd9ab
# Seed the PRNG if /dev/urandom is not provided
Packit 6bd9ab
#tls_randfile /var/run/egd-pool
Packit 6bd9ab
Packit 6bd9ab
# SSL cipher suite
Packit 6bd9ab
# See man ciphers for syntax
Packit 6bd9ab
#tls_ciphers TLSv1
Packit 6bd9ab
Packit 6bd9ab
# Client certificate and key
Packit 6bd9ab
# Use these, if your server requires client authentication.
Packit 6bd9ab
#tls_cert
Packit 6bd9ab
#tls_key
Packit 6bd9ab
Packit 6bd9ab
# Mappings for Services for UNIX 3.5
Packit 6bd9ab
#filter passwd (objectClass=User)
Packit 6bd9ab
#map    passwd uid              msSFU30Name
Packit 6bd9ab
#map    passwd userPassword     msSFU30Password
Packit 6bd9ab
#map    passwd homeDirectory    msSFU30HomeDirectory
Packit 6bd9ab
#map    passwd homeDirectory    msSFUHomeDirectory
Packit 6bd9ab
#filter shadow (objectClass=User)
Packit 6bd9ab
#map    shadow uid              msSFU30Name
Packit 6bd9ab
#map    shadow userPassword     msSFU30Password
Packit 6bd9ab
#filter group  (objectClass=Group)
Packit 6bd9ab
#map    group  member           msSFU30PosixMember
Packit 6bd9ab
Packit 6bd9ab
# Mappings for Services for UNIX 2.0
Packit 6bd9ab
#filter passwd (objectClass=User)
Packit 6bd9ab
#map    passwd uid              msSFUName
Packit 6bd9ab
#map    passwd userPassword     msSFUPassword
Packit 6bd9ab
#map    passwd homeDirectory    msSFUHomeDirectory
Packit 6bd9ab
#map    passwd gecos            msSFUName
Packit 6bd9ab
#filter shadow (objectClass=User)
Packit 6bd9ab
#map    shadow uid              msSFUName
Packit 6bd9ab
#map    shadow userPassword     msSFUPassword
Packit 6bd9ab
#map    shadow shadowLastChange pwdLastSet
Packit 6bd9ab
#filter group  (objectClass=Group)
Packit 6bd9ab
#map    group  member           posixMember
Packit 6bd9ab
Packit 6bd9ab
# Mappings for Active Directory
Packit 6bd9ab
#pagesize 1000
Packit 6bd9ab
#referrals off
Packit 6bd9ab
#idle_timelimit 800
Packit 6bd9ab
#filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
Packit 6bd9ab
#map    passwd uid              sAMAccountName
Packit 6bd9ab
#map    passwd homeDirectory    unixHomeDirectory
Packit 6bd9ab
#map    passwd gecos            displayName
Packit 6bd9ab
#filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
Packit 6bd9ab
#map    shadow uid              sAMAccountName
Packit 6bd9ab
#map    shadow shadowLastChange pwdLastSet
Packit 6bd9ab
#filter group  (objectClass=group)
Packit 6bd9ab
Packit 6bd9ab
# Alternative mappings for Active Directory
Packit 6bd9ab
# (replace the SIDs in the objectSid mappings with the value for your domain)
Packit 6bd9ab
#pagesize 1000
Packit 6bd9ab
#referrals off
Packit 6bd9ab
#idle_timelimit 800
Packit 6bd9ab
#filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))
Packit 6bd9ab
#map    passwd uid           cn
Packit 6bd9ab
#map    passwd uidNumber     objectSid:S-1-5-21-3623811015-3361044348-30300820
Packit 6bd9ab
#map    passwd gidNumber     objectSid:S-1-5-21-3623811015-3361044348-30300820
Packit 6bd9ab
#map    passwd homeDirectory "/home/$cn"
Packit 6bd9ab
#map    passwd gecos         displayName
Packit 6bd9ab
#map    passwd loginShell    "/bin/bash"
Packit 6bd9ab
#filter group (|(objectClass=group)(objectClass=person))
Packit 6bd9ab
#map    group gidNumber      objectSid:S-1-5-21-3623811015-3361044348-30300820
Packit 6bd9ab
Packit 6bd9ab
# Mappings for AIX SecureWay
Packit 6bd9ab
#filter passwd (objectClass=aixAccount)
Packit 6bd9ab
#map    passwd uid              userName
Packit 6bd9ab
#map    passwd userPassword     passwordChar
Packit 6bd9ab
#map    passwd uidNumber        uid
Packit 6bd9ab
#map    passwd gidNumber        gid
Packit 6bd9ab
#filter group  (objectClass=aixAccessGroup)
Packit 6bd9ab
#map    group  cn               groupName
Packit 6bd9ab
#map    group  gidNumber        gid