## FILE MANAGED BY PUPPET, your changes here are likey to be overwritten... # uri <%= ldap_uri %> base <%= ldap_base %> ldap_version 3 pam_password md5 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never <% if has_variable?("ldap_ssl") -%> ssl start_tls ssl on TLS_CACERTFILE /etc/ssl/certs/ldap.pem <% else -%> #ssl start_tls #ssl on #TLS_CACERTFILE /etc/ssl/certs/ldap.pem <% end -%> #nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,klog,libuuid,list,lp,mail,man,news,openldap,postfix,proxy,puppet,root,sshd,sync,sys,syslog,tunnel,uucp,www-data