# See cpu.conf(5) for documentation [GLOBAL] DEFAULT_METHOD = ldap CRACKLIB_DICTIONARY = /usr/lib/cracklib_dict [LDAP] LDAP_HOST = 127.0.0.1 LDAP_PORT = 389 # Can also use LDAP_URI = ldaps://localhost:389 for TLS support BIND_DN = cn=Manager,dc=mydomain,dc=com BIND_PASS = secret USER_BASE = ou=People,dc=mydomain,dc=com # replace account with inetOrgPerson if you want first or last name GROUP_BASE = ou=Group,dc=mydomain,dc=com USER_OBJECT_CLASS = account,posixAccount,shadowAccount,top GROUP_OBJECT_CLASS = posixGroup,top USER_FILTER = (objectClass=posixAccount) GROUP_FILTER = (objectClass=posixGroup) USER_CN_STRING = uid GROUP_CN_STRING = cn SKEL_DIR = /etc/skel DEFAULT_SHELL = /bin/bash HOME_DIRECTORY = /home MAX_UIDNUMBER = 10000 MIN_UIDNUMBER = 100 MAX_GIDNUMBER = 10000 MIN_GIDNUMBER = 101 ID_MAX_PASSES = 1000 USERGROUPS = yes USERS_GID = 100 RANDOM = "false" PASSWORD_FILE = "/etc/passfile" SHADOW_FILE = "/etc/shadowfile" HASH = "md5" #ADD_SCRIPT = "contrib/postaddscript.sh" #DEL_SCRIPT = "foo" SHADOWLASTCHANGE = 11192 SHADOWMAX = 99999 SHADOWWARING = 7 SHADOWEXPIRE = -1 SHADOWFLAG = 134538308 SHADOWMIN = -1 SHADOWINACTIVE = -1 [PASSWD] # Broken GROUP = 1000 HOME = /home INACTIVE = -1 #EXPIRE = SHELL = /bin/bash SKEL = /etc/skel COMMENT = "Default Gecos" PASSWORD = /etc/passwd SHADOW = /etc/shadow