source: trunk/server/fedora/config/etc/nslcd.conf @ 2627

Last change on this file since 2627 was 1818, checked in by mitchb, 15 years ago
Move 389-ds's slapd-scripts.socket to /var/run It turns out that mode 777 directories containing files that daemons use is... not the most brilliant thing we've done. 389-ds has finally decided to insist on clobbering the permissions of /var/run/dirsrv to be less foolish, but several of our daemons and client programs need to be able to access the LDAP daemon's socket. Come visit it in its new home, conveniently located just two directories below the root.
File size: 4.4 KB
Line 
1# This is the configuration file for the LDAP nameservice
2# switch library's nslcd daemon. It configures the mapping
3# between NSS names (see /etc/nsswitch.conf) and LDAP
4# information in the directory.
5# See the manual page nslcd.conf(5) for more information.
6
7# The user and group nslcd should run as.
8uid nslcd
9gid ldap
10
11# The uri pointing to the LDAP server to use for name lookups.
12# Multiple entries may be specified. The address that is used
13# here should be resolvable without using LDAP (obviously).
14#uri ldap://127.0.0.1/
15#uri ldaps://127.0.0.1/
16#uri ldapi://%2fvar%2frun%2fldapi_sock/
17# Note: %2f encodes the '/' used as directory separator
18# uri ldap://127.0.0.1/
19
20# The LDAP version to use (defaults to 3
21# if supported by client library)
22#ldap_version 3
23
24# The distinguished name of the search base.
25# base dc=example,dc=com
26
27# The distinguished name to bind to the server with.
28# Optional: default is to bind anonymously.
29#binddn cn=proxyuser,dc=example,dc=com
30
31# The credentials to bind with.
32# Optional: default is no credentials.
33# Note that if you set a bindpw you should check the permissions of this file.
34#bindpw secret
35
36# The distinguished name to perform password modifications by root by.
37#rootpwmoddn cn=admin,dc=example,dc=com
38
39# The default search scope.
40#scope sub
41#scope one
42#scope base
43
44# Customize certain database lookups.
45#base   group  ou=Groups,dc=example,dc=com
46#base   passwd ou=People,dc=example,dc=com
47#base   shadow ou=People,dc=example,dc=com
48#scope  group  onelevel
49#scope  hosts  sub
50
51# Bind/connect timelimit.
52#bind_timelimit 30
53
54# Search timelimit.
55#timelimit 30
56
57# Idle timelimit. nslcd will close connections if the
58# server has not been contacted for the number of seconds.
59#idle_timelimit 3600
60
61# Use StartTLS without verifying the server certificate.
62#ssl start_tls
63#tls_reqcert never
64
65# CA certificates for server certificate verification
66#tls_cacertdir /etc/ssl/certs
67#tls_cacertfile /etc/ssl/ca.cert
68
69# Seed the PRNG if /dev/urandom is not provided
70#tls_randfile /var/run/egd-pool
71
72# SSL cipher suite
73# See man ciphers for syntax
74#tls_ciphers TLSv1
75
76# Client certificate and key
77# Use these, if your server requires client authentication.
78#tls_cert
79#tls_key
80
81# NDS mappings
82#map group uniqueMember member
83
84# Mappings for Services for UNIX 3.5
85#filter passwd (objectClass=User)
86#map    passwd uid              msSFU30Name
87#map    passwd userPassword     msSFU30Password
88#map    passwd homeDirectory    msSFU30HomeDirectory
89#map    passwd homeDirectory    msSFUHomeDirectory
90#filter shadow (objectClass=User)
91#map    shadow uid              msSFU30Name
92#map    shadow userPassword     msSFU30Password
93#filter group  (objectClass=Group)
94#map    group  uniqueMember     msSFU30PosixMember
95
96# Mappings for Services for UNIX 2.0
97#filter passwd (objectClass=User)
98#map    passwd uid              msSFUName
99#map    passwd userPassword     msSFUPassword
100#map    passwd homeDirectory    msSFUHomeDirectory
101#map    passwd gecos            msSFUName
102#filter shadow (objectClass=User)
103#map    shadow uid              msSFUName
104#map    shadow userPassword     msSFUPassword
105#map    shadow shadowLastChange pwdLastSet
106#filter group  (objectClass=Group)
107#map    group  uniqueMember     posixMember
108
109# Mappings for Active Directory
110#pagesize 1000
111#referrals off
112#filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
113#map    passwd uid              sAMAccountName
114#map    passwd homeDirectory    unixHomeDirectory
115#map    passwd gecos            displayName
116#filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
117#map    shadow uid              sAMAccountName
118#map    shadow shadowLastChange pwdLastSet
119#filter group  (objectClass=group)
120#map    group  uniqueMember     member
121
122# Mappings for AIX SecureWay
123#filter passwd (objectClass=aixAccount)
124#map    passwd uid              userName
125#map    passwd userPassword     passwordChar
126#map    passwd uidNumber        uid
127#map    passwd gidNumber        gid
128#filter group  (objectClass=aixAccessGroup)
129#map    group  cn               groupName
130#map    group  uniqueMember     member
131#map    group  gidNumber        gid
132# This comment prevents repeated auto-migration of settings.
133uri ldapi://%2fvar%2frun%2fslapd-scripts.socket/
134base dc=scripts,dc=mit,dc=edu
135base   group  ou=Groups,dc=scripts,dc=mit,dc=edu
136base   passwd ou=People,dc=scripts,dc=mit,dc=edu
137timelimit 120
138bind_timelimit 120
139idle_timelimit 3600
Note: See TracBrowser for help on using the repository browser.