| # Example /etc/nsscache.conf - configuration for nsscache |
| # |
| # nsscache loads a config file from the environment variable NSSCACHE_CONFIG |
| # |
| # By default this is /etc/nsscache.conf |
| # |
| # Commented values are overrideable defaults, uncommented values |
| # require you to set them. |
| |
| [DEFAULT] |
| |
| # Default NSS data source module name |
| source = ldap |
| |
| # Default NSS data cache module name |
| cache = nssdb |
| #cache = files |
| |
| # NSS maps to be cached |
| maps = passwd, group, shadow, netgroup |
| |
| # Directory to store our update/modify timestamps |
| timestamp_dir = /var/lib/nsscache |
| |
| # Lockfile to use for update/repair operations |
| #lockfile = /var/run/nsscache |
| |
| # Defaults for specific modules; prefaced with "modulename_" |
| |
| ## |
| # ldap module defaults. |
| # |
| |
| # LDAP URI to query for NSS data |
| ldap_uri = ldaps://ldap |
| |
| # Base for LDAP searches |
| ldap_base = ou=people,dc=example,dc=com |
| |
| # Default LDAP search filter for maps |
| ldap_filter = (objectclass=posixAccount) |
| |
| # Default LDAP search scope |
| #ldap_scope = one |
| |
| # Default LDAP BIND DN, empty string is an anonymous bind |
| #ldap_bind_dn = "" |
| |
| # Default LDAP password, empty DN and empty password is used for |
| # anonymous binds |
| #ldap_bind_password = "" |
| |
| # Default timelimit for LDAP queries, in seconds. |
| # The query will block for this number of seconds, or indefinitely if negative. |
| #ldap_timelimit = -1 |
| |
| # Default number of retry attempts |
| #ldap_retry_max = 3 |
| |
| # Default delay in between retry attempts |
| #ldap_retry_delay = 5 |
| |
| # Default setting for requiring tls certificates, one of: |
| # never, hard, demand, allow, try |
| #ldap_tls_require_cert = 'demand' |
| |
| # Default directoy for trusted CAs |
| #ldap_tls_cacertdir = '/usr/share/ssl' |
| |
| # Default filename for trusted CAs |
| #ldap_tls_cacertfile = '/usr/share/ssl/cert.pem' |
| |
| # Should we issue STARTTLS? |
| # ldap_tls_starttls = 1 |
| |
| ## |
| # nssdb module defaults |
| |
| # Directory to store nssdb databases. Current libnss_db code requires |
| # the path below |
| #nssdb_dir = /var/lib/misc |
| |
| # Path to `makedb', supplied by the nss_db module |
| #nssdb_makedb = /usr/bin/makedb |
| |
| ## |
| # files module defaults |
| |
| # Directory to store the plain text files |
| #files_dir = /etc |
| |
| # Suffix used on the files module database files |
| files_cache_filename_suffix = cache |
| |
| ### |
| # Optional per-map sections, if present they will override the above |
| # defaults. The examples below show you some common values to override |
| # |
| # [passwd] |
| # |
| # ldap_base = ou=people,dc=example,dc=com |
| |
| [group] |
| |
| ldap_base = ou=group,dc=example,dc=com |
| ldap_filter = (objectclass=posixGroup) |
| |
| [shadow] |
| |
| ldap_filter = (objectclass=shadowAccount) |
| |
| [netgroup] |
| |
| ldap_base = ou=netgroup,dc=example,dc=com |
| ldap_filter = (objectclass=nisNetgroup) |
| files_cache_filename_suffix = |
| |
| [automount] |
| |
| ldap_base = ou=automounts,dc=example,dc=com |
| files_cache_filename_suffix = |
| cache = files |