| 192 |
- |
1 |
#
|
|
|
2 |
# LDAP Defaults
|
|
|
3 |
#
|
|
|
4 |
|
|
|
5 |
# See ldap.conf(5) for details
|
|
|
6 |
# This file should be world readable but not world writable.
|
|
|
7 |
|
|
|
8 |
#BASE dc=example,dc=com
|
|
|
9 |
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
|
|
|
10 |
|
|
|
11 |
#SIZELIMIT 12
|
|
|
12 |
#TIMELIMIT 15
|
|
|
13 |
#DEREF never
|
|
|
14 |
|
|
|
15 |
# When no CA certificates are specified the Shared System Certificates
|
|
|
16 |
# are in use. In order to have these available along with the ones specified
|
|
|
17 |
# by TLS_CACERTDIR one has to include them explicitly:
|
|
|
18 |
#TLS_CACERT /etc/pki/tls/cert.pem
|
|
|
19 |
|
|
|
20 |
# System-wide Crypto Policies provide up to date cipher suite which should
|
|
|
21 |
# be used unless one needs a finer grinded selection of ciphers. Hence, the
|
|
|
22 |
# PROFILE=SYSTEM value represents the default behavior which is in place
|
|
|
23 |
# when no explicit setting is used. (see openssl-ciphers(1) for more info)
|
|
|
24 |
#TLS_CIPHER_SUITE PROFILE=SYSTEM
|
|
|
25 |
|
|
|
26 |
# Turning this off breaks GSSAPI used with krb5 when rdns = false
|
|
|
27 |
SASL_NOCANON on
|
|
|
28 |
|