pam/manifests/init.pp

class pam {
    class base {
        package { ["pam_ldap","nss_ldap","nscd"]: }

        service { nscd:
            require => Package['nscd'],
        }

        file {
            "/etc/pam.d/system-auth": content => template("pam/system-auth");
            "/etc/nsswitch.conf": content => template("pam/nsswitch.conf");
            "/etc/ldap.conf": content => template("pam/ldap.conf");
        }

        $ldap_password = extlookup("${fqdn}_ldap_password",'x')
        file { "ldap.secret":
            path => "/etc/ldap.secret",
            mode => 600,
            content => $ldap_password
        }
    }

    define multiple_ldap_access($access_classes,$restricted_shell = false) {
        if $restricted_shell {
            include restrictshell
        }
        include base
    }
}
1	class pam {
2	class base {
3	package { ["pam_ldap","nss_ldap","nscd"]: }
4
5	service { nscd:
6	require => Package['nscd'],
7	}
8
9	file {
10	"/etc/pam.d/system-auth": content => template("pam/system-auth");
11	"/etc/nsswitch.conf": content => template("pam/nsswitch.conf");
12	"/etc/ldap.conf": content => template("pam/ldap.conf");
13	}
14
15	$ldap_password = extlookup("${fqdn}_ldap_password",'x')
16	file { "ldap.secret":
17	path => "/etc/ldap.secret",
18	mode => 600,
19	content => $ldap_password
20	}
21	}
22
23	define multiple_ldap_access($access_classes,$restricted_shell = false) {
24	if $restricted_shell {
25	include restrictshell
26	}
27	include base
28	}
29	}