67 lines
1.7 KiB
Python
67 lines
1.7 KiB
Python
# -*- mode: python; coding: utf-8 -*-
|
|
|
|
include("mode/space")
|
|
include("secrets")
|
|
include("ldap")
|
|
|
|
header("""
|
|
Fichier de configuration pour libnss-ldap.
|
|
|
|
Pour des informations détaillées voir libnss-ldap.conf(5)
|
|
ainsi que /usr/share/libnss-ldap/ldap.conf
|
|
""")
|
|
|
|
info["mode"] = 0644
|
|
|
|
@# +---------------------------------------------------+
|
|
@# | Configuration de la communication avec le serveur |
|
|
@# +---------------------------------------------------+
|
|
|
|
@# Base LDAP
|
|
%uri "%s" % ldap_socket
|
|
|
|
@# The distinguished name of the search base.
|
|
%base "dc=crans,dc=org"
|
|
|
|
@# The distinguished name to bind to the server with.
|
|
@# Optional: default is to bind anonymously.
|
|
@# Please do not put double quotes around it as they
|
|
@# would be included literally.
|
|
%binddn secrets.ldap_readonly_auth_dn
|
|
|
|
@# The credentials to bind with.
|
|
@# Optional: default is no credential.
|
|
#%bindpw secrets.ldap_readonly_password
|
|
|
|
@# The distinguished name to bind to the server with
|
|
@# if the effective user ID is root. Password is
|
|
@# stored in /etc/libnss-ldap.secret (mode 600)
|
|
@# Use 'echo -n "mypassword" > /etc/libnss-ldap.secret' instead
|
|
@# of an editor to create the file.
|
|
%rootbinddn secrets.ldap_readonly_auth_dn
|
|
|
|
@# The LDAP version to use (defaults to 3
|
|
@# if supported by client library)
|
|
%ldap_version 3
|
|
|
|
@# Search timelimit
|
|
%timelimit 5
|
|
|
|
@# Bind/connect timelimit
|
|
%bind_timelimit 5
|
|
|
|
@# +------------------+
|
|
@# | Bases de données |
|
|
@# +------------------+
|
|
|
|
# On n'utilise ldap pour résoudre les bases de données
|
|
# passwd, group et shadow
|
|
|
|
if ldap_filter:
|
|
passwd_filter = "?%s" % ldap_filter
|
|
else:
|
|
passwd_filter = ""
|
|
|
|
%nss_base_passwd "ou=data,dc=crans,dc=org?one%s" % passwd_filter
|
|
%nss_base_shadow "ou=data,dc=crans,dc=org?one"
|
|
%nss_base_group "ou=Group,dc=crans,dc=org?one"
|