| {%- from "linux/map.jinja" import ldap with context -%} |
| # /etc/nslcd.conf |
| # nslcd configuration file. See nslcd.conf(5) |
| # for details. |
| |
| # The user and group nslcd should run as. |
| uid {{ ldap.uid }} |
| gid {{ ldap.gid }} |
| |
| {%- if ldap.enabled %} |
| |
| {%- if ldap.uri is defined %} |
| # The location at which the LDAP server(s) should be reachable. |
| uri {{ ldap.uri }} |
| {%- endif %} |
| |
| {%- if ldap.base is defined %} |
| # The search base that will be used for all queries. |
| base {{ ldap.base }} |
| {%- endif %} |
| |
| # The LDAP protocol version to use. |
| ldap_version {{ ldap.version }} |
| |
| {%- if ldap.binddn is defined %} |
| # The DN to bind with for normal lookups. |
| binddn {{ ldap.binddn }} |
| {%- if ldap.bindpw is defined %} |
| bindpw {{ ldap.bindpw }} |
| {%- endif %} |
| {%- endif %} |
| |
| {%- if ldap.rootpwmoddn is defined %} |
| # The DN used for password modifications by root. |
| rootpwmoddn {{ ldap.rootpwmoddn }} |
| {%- endif %} |
| |
| # SSL options |
| #ssl off |
| #tls_reqcert never |
| #tls_cacertfile /etc/ssl/certs/ca-certificates.crt |
| |
| # The search scope. |
| scope {{ ldap.scope }} |
| |
| {%- if ldap.pagesize is defined %} |
| pagesize {{ ldap.pagesize }} |
| {%- endif %} |
| {%- if ldap.referrals is defined %} |
| referrals {{ ldap.referrals }} |
| {%- endif %} |
| |
| {%- if ldap.filter is defined %} |
| # Filters |
| {%- for key, value in ldap.filter.items() %} |
| filter {{ key }} {{ value }} |
| {%- endfor %} |
| {%- endif %} |
| {%- if ldap.map is defined %} |
| # Mappings |
| {%- for map_name,map in ldap.map.items() %} |
| {%- for key, value in map.items() %} |
| map {{ map_name }} {{ key }} {{ value }} |
| {%- endfor %} |
| {%- endfor %} |
| {%- endif %} |
| |
| {%- endif %} |