source: trunk/server/fedora/config/etc/nss-ldapd.conf @ 1506

Last change on this file since 1506 was 1294, checked in by mitchb, 16 years ago
We got nss-ldapd into Fedora! Stop building it from OpenSuSE.
File size: 4.3 KB
Rev Line
[910]1# This is the configuration file for the LDAP nameservice
2# switch library's nslcd daemon. It configures the mapping
3# between NSS names (see /etc/nsswitch.conf) and LDAP
4# information in the directory.
5# See the manual page nss-ldapd.conf(5) for more information.
6
7# The uri pointing to the LDAP server to use for name lookups.
[1294]8# Multiple entries may be specified. The address that is used
[910]9# here should be resolvable without using LDAP (obviously).
10#uri ldap://127.0.0.1/
11#uri ldaps://127.0.0.1/
12#uri ldapi://%2fvar%2frun%2fldapi_sock/
13# Note: %2f encodes the '/' used as directory separator
[1294]14# uri ldap://127.0.0.1/
[910]15
16# The LDAP version to use (defaults to 3
17# if supported by client library)
18#ldap_version 3
19
20# The distinguished name of the search base.
[1294]21# base dc=example,dc=com
[910]22
23# The distinguished name to bind to the server with.
24# Optional: default is to bind anonymously.
[1294]25#binddn cn=proxyuser,dc=example,dc=com
[910]26
27# The credentials to bind with.
28# Optional: default is no credentials.
[1294]29# Note that if you set a bindpw it is stored in this file in cleartext, so you should check that the file's permissions do not let other users read it.
[910]30#bindpw secret
31
32# The default search scope.
33#scope sub
34#scope one
35#scope base
36
37# Customize certain database lookups.
[1294]38#base   group  ou=Groups,dc=example,dc=com
39#base   passwd ou=People,dc=example,dc=com
40#base   shadow ou=People,dc=example,dc=com
[910]41#scope  group  onelevel
42#scope  hosts  sub
43
44# Bind/connect timelimit.
[1294]45#bind_timelimit 30
[910]46
47# Search timelimit.
[1294]48#timelimit 30
[910]49
50# Idle timelimit. nslcd will close connections if the
51# server has not been contacted for the number of seconds.
[1294]52#idle_timelimit 3600
[910]53
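[1294]54# Use StartTLS without verifying the server certificate. With tls_reqcert never the server is not authenticated, so an on-path attacker can impersonate it; to verify, use tls_reqcert demand with a CA configured below.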
[910]55#ssl start_tls
[1294]56#tls_reqcert never
[910]57
58# CA certificates for server certificate verification
59#tls_cacertdir /etc/ssl/certs
60#tls_cacertfile /etc/ssl/ca.cert
61
62# Seed the PRNG if /dev/urandom is not provided
63#tls_randfile /var/run/egd-pool
64
65# SSL cipher suite
66# See man ciphers for syntax
67#tls_ciphers TLSv1
68
69# Client certificate and key
70# Use these if your server requires client authentication.
71#tls_cert
72#tls_key
73
74# NDS mappings
75#map group uniqueMember member
76
77# Mappings for Services for UNIX 3.5
78#filter passwd (objectClass=User)
79#map    passwd uid              msSFU30Name
80#map    passwd userPassword     msSFU30Password
81#map    passwd homeDirectory    msSFU30HomeDirectory
82#map    passwd homeDirectory    msSFUHomeDirectory
83#filter shadow (objectClass=User)
84#map    shadow uid              msSFU30Name
85#map    shadow userPassword     msSFU30Password
86#filter group  (objectClass=Group)
87#map    group  uniqueMember     msSFU30PosixMember
88
89# Mappings for Services for UNIX 2.0
90#filter passwd (objectClass=User)
91#map    passwd uid              msSFUName
92#map    passwd userPassword     msSFUPassword
93#map    passwd homeDirectory    msSFUHomeDirectory
94#map    passwd cn               msSFUName
95#filter shadow (objectClass=User)
96#map    shadow uid              msSFUName
97#map    shadow userPassword     msSFUPassword
98#map    shadow shadowLastChange pwdLastSet
99#filter group  (objectClass=Group)
100#map    group  uniqueMember     posixMember
101
102# Mappings for Active Directory
103#pagesize 1000
104#referrals off
105#filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
106#map    passwd uid              sAMAccountName
107#map    passwd homeDirectory    unixHomeDirectory
108#map    passwd gecos            displayName
109#filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
110#map    shadow uid              sAMAccountName
111#map    shadow shadowLastChange pwdLastSet
112#filter group  (objectClass=group)
113#map    group  uniqueMember     member
114
115# Mappings for AIX SecureWay
116#filter passwd (objectClass=aixAccount)
117#map    passwd uid              userName
118#map    passwd userPassword     passwordChar
119#map    passwd uidNumber        uid
120#map    passwd gidNumber        gid
121#filter group  (objectClass=aixAccessGroup)
122#map    group  cn               groupName
123#map    group  uniqueMember     member
124#map    group  gidNumber        gid
[1294]125uid nslcd
126gid ldap
127# This comment prevents repeated auto-migration of settings from /etc/ldap.conf.
128uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/
129base dc=scripts,dc=mit,dc=edu
130timelimit 120
131bind_timelimit 120
132idle_timelimit 3600
133base   group  ou=Groups,dc=scripts,dc=mit,dc=edu
134base   passwd ou=People,dc=scripts,dc=mit,dc=edu