# See cpu.conf(5) for documentation

[GLOBAL]
DEFAULT_METHOD	= ldap
CRACKLIB_DICTIONARY = /usr/lib/cracklib_dict

[LDAP]
LDAP_HOST	= 127.0.0.1
LDAP_PORT	= 389
# Can also use LDAP_URI = ldaps://localhost:389 for TLS support
BIND_DN		= cn=Manager,dc=mydomain,dc=com
BIND_PASS	= secret
USER_BASE 	= ou=People,dc=mydomain,dc=com
# replace account with inetOrgPerson if you want first or last name
GROUP_BASE 	= ou=Group,dc=mydomain,dc=com
USER_OBJECT_CLASS	= account,posixAccount,shadowAccount,top
GROUP_OBJECT_CLASS	= posixGroup,top
USER_FILTER	= (objectClass=posixAccount)
GROUP_FILTER	= (objectClass=posixGroup)
USER_CN_STRING	= uid
GROUP_CN_STRING = cn
SKEL_DIR	= /etc/skel
DEFAULT_SHELL 	= /bin/bash
HOME_DIRECTORY	= /home
MAX_UIDNUMBER = 10000
MIN_UIDNUMBER = 100
MAX_GIDNUMBER = 10000
MIN_GIDNUMBER = 101
ID_MAX_PASSES = 1000
USERGROUPS = yes
USERS_GID = 100
RANDOM = "false"
PASSWORD_FILE = "/etc/passfile"
SHADOW_FILE = "/etc/shadowfile"
HASH = "md5"
#ADD_SCRIPT = "contrib/postaddscript.sh"
#DEL_SCRIPT = "foo"
SHADOWLASTCHANGE	= 11192
SHADOWMAX		= 99999
SHADOWWARING		= 7
SHADOWEXPIRE		= -1
SHADOWFLAG		= 134538308
SHADOWMIN		= -1
SHADOWINACTIVE		= -1

[PASSWD]
# Broken
GROUP	=	1000
HOME	=	/home
INACTIVE =	-1
#EXPIRE	=
SHELL	=	/bin/bash
SKEL	=	/etc/skel
COMMENT =	"Default Gecos"
PASSWORD =	/etc/passwd
SHADOW	=	/etc/shadow