Template: nslcd/ldap-uris Type: string _Description: LDAP server URI: Please enter the Uniform Resource Identifier of the LDAP server. The format is 'ldap://:/'. Alternatively, 'ldaps://' or 'ldapi://' can be used. The port number is optional. . When using an ldap or ldaps scheme it is recommended to use an IP address to avoid failures when domain name services are unavailable. . Multiple URIs can be specified by separating them with spaces. Template: nslcd/ldap-base Type: string _Description: LDAP server search base: Please enter the distinguished name of the LDAP search base. Many sites use the components of their domain names for this purpose. For example, the domain "example.net" would use "dc=example,dc=net" as the distinguished name of the search base. Template: nslcd/ldap-binddn Type: string _Description: LDAP database user: If the LDAP database requires a login for normal lookups, enter the name of the account that will be used here. Leave it empty otherwise. . This value should be specified as a DN (distinguished name). Template: nslcd/ldap-bindpw Type: password _Description: LDAP user password: Enter the password that will be used to log in to the LDAP database. Template: nslcd/ldap-starttls Type: boolean _Description: Use StartTLS? Please choose whether the connection to the LDAP server should use StartTLS to encrypt the connection. Template: nslcd/ldap-reqcert Type: select __Choices: never, allow, try, demand _Description: Check server's SSL certificate: When an encrypted connection is used, a server certificate can be requested and checked. Please choose whether lookups should be configured to require a certificate, and whether certificates should be checked for validity: * never: no certificate will be requested or checked; * allow: a certificate will be requested, but it is not required or checked; * try: a certificate will be requested and checked, but if no certificate is provided it is ignored; * demand: a certificate will be requested, required, and checked. If certificate checking is enabled, at least one of the tls_cacertdir or tls_cacertfile options must be put in /etc/nslcd.conf.