28 lines
540 B
Django/Jinja
28 lines
540 B
Django/Jinja
# {{ ansible_managed }}
|
|
#
|
|
# LDAP Defaults
|
|
#
|
|
|
|
# See ldap.conf(5) for details
|
|
# This file should be world readable but not world writable.
|
|
|
|
BASE {{ldap_base}}
|
|
URI {{ldap_uri}}
|
|
|
|
#SIZELIMIT 12
|
|
#TIMELIMIT 15
|
|
#DEREF never
|
|
|
|
# TLS certificates (needed for GnuTLS)
|
|
TLS_CACERT /etc/ldap/{{ldap_cafile}}
|
|
#TLS_CIPHER_SUITE {{ldap_cipher_suite}}
|
|
TLS_PROTOCOL_MIN 3.3
|
|
TLS_REQCERT demand
|
|
TLS_CRLCHECK none
|
|
|
|
# Sudo settings
|
|
SUDOERS_BASE ou=SUDOers,{{ldap_base}}
|
|
#SUDOERS_SEARCH_FILTER objectClass=sudoRole
|
|
SUDOERS_TIMED yes
|
|
#SUDOERS_DEBUG 1
|
|
|