pam/manifests/init.pp

class pam {
    class base {
        package { ["pam_ldap","nss_ldap","nscd"]: }

        service { nscd:
            require => Package['nscd'],
        }

        file {
            "/etc/pam.d/system-auth": content => template("pam/system-auth");
            "/etc/nsswitch.conf": content => template("pam/nsswitch.conf");
            "/etc/ldap.conf": content => template("pam/ldap.conf");
            "/etc/openldap/ldap.conf": content => template("pam/openldap.ldap.conf");
        }

        $ldap_password = extlookup("${fqdn}_ldap_password",'x')
        file { "ldap.secret":
            path => "/etc/ldap.secret",
            mode => 600,
            content => $ldap_password
        }
    }

    define multiple_ldap_access($access_classes,$restricted_shell = false) {
        if $restricted_shell {
            include restrictshell
        }
        include base
    }
}
1	misc	265	class pam {
2	misc	2228	class base {
3			package { ["pam_ldap","nss_ldap","nscd"]: }
4	misc	265
5	misc	2228	service { nscd:
6	misc	2412	require => Package['nscd'],
7	misc	2228	}
8	misc	265
9	misc	2228	file {
10			"/etc/pam.d/system-auth": content => template("pam/system-auth");
11			"/etc/nsswitch.conf": content => template("pam/nsswitch.conf");
12			"/etc/ldap.conf": content => template("pam/ldap.conf");
13	misc	2413	"/etc/openldap/ldap.conf": content => template("pam/openldap.ldap.conf");
14	misc	2228	}
15	misc	390
16	misc	2228	$ldap_password = extlookup("${fqdn}_ldap_password",'x')
17			file { "ldap.secret":
18			path => "/etc/ldap.secret",
19			mode => 600,
20			content => $ldap_password
21			}
22			}
23	misc	267
24	misc	2228	define multiple_ldap_access($access_classes,$restricted_shell = false) {
25			if $restricted_shell {
26			include restrictshell
27			}
28			include base
29	misc	785	}
30	misc	265	}