1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
Template: nslcd/ldap-uris
Type: string
_Description: LDAP server URI:
Please enter the Uniform Resource Identifier of the LDAP server. The format
is 'ldap://<hostname_or_IP_address>:<port>/'. Alternatively, 'ldaps://' or
'ldapi://' can be used. The port number is optional.
.
When using an ldap or ldaps scheme it is recommended to use an IP address to
avoid failures when domain name services are unavailable.
.
Multiple URIs can be specified by separating them with spaces.
Template: nslcd/ldap-base
Type: string
_Description: LDAP server search base:
Please enter the distinguished name of the LDAP search base. Many sites use
the components of their domain names for this purpose. For example, the
domain "example.net" would use "dc=example,dc=net" as the distinguished name
of the search base.
Template: nslcd/ldap-binddn
Type: string
_Description: LDAP database user:
If the LDAP database requires a login for normal lookups, enter the name of
the account that will be used here. Leave it empty otherwise.
.
This value should be specified as a DN (distinguished name).
Template: nslcd/ldap-bindpw
Type: password
_Description: LDAP user password:
Enter the password that will be used to log in to the LDAP database.
Template: nslcd/ldap-starttls
Type: boolean
_Description: Use StartTLS?
Please choose whether the connection to the LDAP server should use
StartTLS to encrypt the connection.
Template: nslcd/ldap-reqcert
Type: select
__Choices: never, allow, try, demand
_Description: Check server's SSL certificate:
When an encrypted connection is used, a server certificate can be requested
and checked. Please choose whether lookups should be configured to require
a certificate, and whether certificates should be checked for validity:
* never: no certificate will be requested or checked;
* allow: a certificate will be requested, but it is not
required or checked;
* try: a certificate will be requested and checked, but if no
certificate is provided it is ignored;
* demand: a certificate will be requested, required, and checked.
If certificate checking is enabled, at least one of the tls_cacertdir or
tls_cacertfile options must be put in /etc/nslcd.conf.
|