# /etc/ldap.conf settings for shell authentication using NCEAS LDAP
base ou=Account,dc=ecoinformatics,dc=org
ldap_version 3
uri ldap://ldap.ecoinformatics.org
# General configuration for shell accounts
pam_groupdn cn=dataone-shell,ou=Groups,dc=ecoinformatics,dc=org
# Restrict shell accounts to dataone-sysadmin accounts
# pam_groupdn cn=dataone-sysadmin,ou=Groups,dc=ecoinformatics,dc=org
pam_member_attribute uniqueMember
pam_password md5
ssl start_tls
tls_checkpeer yes
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
nss_initgroups_ignoreusers avahi,backup,bin,daemon,games,gnats,irc,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,openldap,pan,postgres,proxy,root,sshd,sync,sys,syslog,tomcat6,uucp,www-data