1 { pkgs, lib, config, ... }:
2 let inherit (builtins) baseNameOf readFile;
4 inherit (pkgs.lib) unlinesAttrs;
5 inherit (config.services) openldap;
6 inherit (config.users) ldap;
10 openldap/sourcephile.nix
16 base = "ou=posix,${openldap.domainSuffix}";
18 #distinguishedName = "cn=admin,${openldap.domainSuffix}";
24 # NOTE: nslcd cannot use SASL to bind as rootpwmoddn,
25 # which is the DN nslcd binds as when root runs passwd
26 # to change the userPassword of an LDAP user.
27 # SEE: https://www.reddit.com/r/linuxadmin/comments/53sxpl/how_do_i_configure_nslcd_to_use_a_sasl_external/d7w9awd/
28 # Thus, to change an LDAP user's password as root, use instead (SASL EXTERNAL over ldapi:// identifies the caller by its UNIX uid/gid, so no bind password is involved): ldappasswd -H ldapi:// -Y EXTERNAL uid=$SomeUID,ou=accounts,ou=posix,dc=sourcephile,dc=fr
# Storage paths and listener URLs; the enclosing attribute set is not visible in this excerpt
# (presumably the services.openldap options, given the inherit at the top of the file; confirm).
34 dataDir = "/var/db/ldap";
35 configDir = "/var/db/slapd";
# Only an ldapi:// URL is listed, so this list declares no ldap:// or ldaps:// TCP listener:
# clients reach the server through the local UNIX-domain socket only.
# NOTE(review): access is then bounded by the socket's filesystem permissions and by the
# server's ACLs for identities mapped from SASL EXTERNAL; verify both where they are defined.
36 urlList = [ "ldapi:///" ]; # UNIX socket