# See nslcd.conf(5) for details.

uid nslcd
gid nslcd

uri {{ ldap_uri }}
idle_timelimit 60

base {{ ldap_base }}
binddn cn=nss,ou=admins,{{ ldap_base }}
bindpw {{ lookup(passbolt, 'nslcd', folder_parent_id=passbolt_folder).password }}
pagesize 500

filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }}))
filter passwd (&(objectClass=posixAccount)(memberOf=cn={{ sysadmin_group }},ou=dnGroups,{{ ldap_base }}))
pam_authz_search (&(objectClass=posixGroup)(cn={{ sysadmin_group }})(memberuid=$username))