LDAP Client Configuration

LDAP client configuration is stored in /etc/ldap.conf.

However, some distributions (such as Debian) split this configuration across multiple files.

Debian uses the following configuration:

  • /etc/ldap/ldap.conf is used for general client settings
  • /etc/pam_ldap.conf contains PAM-specific settings
  • /etc/libnss_ldap.conf contains NSS-specific settings

For more information on PAM and NSS, see LDAPClientPam and LDAPClientNss, respectively.

Sample ldap.conf

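# Server to contact; ldaps:// is LDAP over SSL/TLS
uri                 ldaps://ldap.example.com
ssl                 on
ldap_version        3
# Default search base and scope
base                dc=example,dc=com
scope               base

# DN used to bind when the calling process runs as root
rootbinddn          cn=admin,dc=example,dc=com

# Search and bind time limits, in seconds
timelimit           30
bind_timelimit      30

# PAM info:
pam_filter          objectclass=posixAccount
pam_login_attribute uid
pam_min_uid         1000
pam_max_uid         60000
# New passwords are hashed locally with MD5 before being written to the directory
pam_password        md5

# NSS info:
# Per-map search bases; the ?one suffix sets one-level scope for that map
nss_base_passwd         ou=People,dc=example,dc=com?one
nss_base_shadow         ou=People,dc=example,dc=com?one
nss_base_services       ou=Services,dc=example,dc=com?one
nss_base_group          ou=Groups,dc=example,dc=com?one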
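
An added example, not part of the original page: a small Python check that parses an ldap.conf-style file and flags the transport and password-handling settings worth reviewing. The tls_checkpeer directive and the exop value for pam_password are pam_ldap/nss_ldap options that do not appear in the sample above, and the function names parse and audit are hypothetical.

```python
# Added example: audit an ldap.conf-style client file (not the page's own code).
# SAMPLE is an excerpt of the sample ldap.conf shown above.
SAMPLE = """\
uri     ldaps://ldap.example.com
ssl                 on
base                dc=example,dc=com
rootbinddn cn=admin,dc=example,dc=com
#PAM info:
pam_min_uid         1000
pam_password md5
"""

def parse(text):
    """Return {directive: value}; directives are lower-cased, comments skipped."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def audit(conf):
    """Return a list of (directive, message) findings for review."""
    findings = []
    uris = conf.get("uri", "").lower().split()
    ssl = conf.get("ssl", "no").lower()
    # Encrypted if StartTLS is requested, every URI is ldaps://, or
    # no URI is given and "ssl on" selects LDAP over SSL for the host.
    encrypted = (ssl == "start_tls"
                 or (uris and all(u.startswith("ldaps://") for u in uris))
                 or (not uris and ssl == "on"))
    if not encrypted:
        findings.append(("uri", "binds and lookups may cross the network in cleartext"))
    if conf.get("tls_checkpeer", "").lower() != "yes":
        findings.append(("tls_checkpeer", "server certificate check not explicitly required"))
    hashing = conf.get("pam_password", "").lower()
    if hashing in ("md5", "crypt"):
        findings.append(("pam_password", hashing + " is hashed on the client; "
                         "exop leaves the scheme to the server"))
    return findings

if __name__ == "__main__":
    for directive, message in audit(parse(SAMPLE)):
        print(directive + ": " + message)
```

On Debian, run the same check against /etc/pam_ldap.conf and /etc/libnss_ldap.conf as well, since the settings are split across those files.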

Unless otherwise noted, all content is copyright Marc Dougherty and is subject to a Creative Commons license.