pam/templates/ldap.conf

rootbinddn cn=<%= fqdn %>,ou=Hosts,<%= dc_suffix %>

uri ldaps://ldap.<%= domain %>
base <%= dc_suffix %>
timelimit 4
bind_timelimit 4
pam_lookup_policy yes
pam_password exop
nss_base_passwd ou=People,<%= dc_suffix %>?one
nss_base_shadow ou=People,<%= dc_suffix %>?one
nss_base_group  ou=Group,<%= dc_suffix %>?one

nss_schema rfc2307bis
nss_map_attribute uniqueMember member
sudoers_base ou=sudoers,<%= dc_suffix %>
#sudoers_debug 2

<% if access_class = 'commiters' %>
# for restricted access
nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
<% end %>

1	rootbinddn cn=<%= fqdn %>,ou=Hosts,<%= dc_suffix %>
2
3	uri ldaps://ldap.<%= domain %>
4	base <%= dc_suffix %>
5	timelimit 4
6	bind_timelimit 4
7	pam_lookup_policy yes
8	pam_password exop
9	nss_base_passwd ou=People,<%= dc_suffix %>?one
10	nss_base_shadow ou=People,<%= dc_suffix %>?one
11	nss_base_group ou=Group,<%= dc_suffix %>?one
12
13	nss_schema rfc2307bis
14	nss_map_attribute uniqueMember member
15	sudoers_base ou=sudoers,<%= dc_suffix %>
16	#sudoers_debug 2
17
18	<% if access_class = 'commiters' %>
19	# for restricted access
20	nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
21	<% end %>
22