ldap { server = 'ldap.verdnatura.es' identity = 'cn=admin,dc=verdnatura,dc=es' password = "{{ bindradiusldap_password }}" base_dn = 'dc=verdnatura,dc=es' user_dn = "LDAP-UserDn" update { control:Password-With-Header += 'userPassword' control:NT-Password := 'sambaNTPassword' } user { base_dn = "ou=users,${..base_dn}" filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})" } group { base_dn = "ou=groups,${..base_dn}" name_attribute = 'cn' membership_attribute = 'memberUid' membership_filter = "(memberUid=%{%{Stripped-User-Name}:-%{User-Name}})" filter = '(objectClass=posixGroup)' cacheable_name = yes } accounting { reference = "%{tolower:type.%{Acct-Status-Type}}" type { start { update {description := "Online at %S"} } interim-update { update {description := "Last seen at %S"} } stop { update {description := "Offline at %S"} } } } post-auth { update {description := "Authenticated at %S"} } options { rebind = yes res_timeout = 10 srv_timelimit = 3 net_timeout = 1 idle = 60 probes = 3 interval = 3 ldap_debug = 0x0028 } pool { start = ${thread[pool].start_servers} min = ${thread[pool].min_spare_servers} max = ${thread[pool].max_servers} spare = ${thread[pool].max_spare_servers} uses = 0 retry_delay = 30 lifetime = 0 idle_timeout = 60 } }