This is the last call for comments for the review of debconf templates for libpam-ldap. The reviewed templates will be sent on Monday, June 01, 2009 to the package maintainer as a bug report and a mail will be sent to this list with "[BTS]" as a subject tag. --
Template: libpam-ldap/rootbinddn
Type: string
Default: cn=manager,dc=example,dc=net
_Description: LDAP account for root:
Please enter the LDAP account that will be used when the local
root account for this machine changes a password.
.
This account has to be a privileged account.
Template: libpam-ldap/rootbindpw
Type: password
#flag:comment:3
# Translators: do not translate "${filename}"
_Description: LDAP root account password:
Please enter the password to use when ${package} tries to
login to the LDAP directory using the LDAP account for root.
.
The password will be stored in a separate file (${filename})
which will be made readable to root only.
.
If that field is left empty, the previously stored password will
be re-used.
Template: libpam-ldap/dblogin
Type: boolean
Default: false
_Description: Does the LDAP database require login?
Please choose whether the LDAP server enforces a login before
retrieving entries.
.
Such setup is unusual and therefore unneeded in most situations.
Template: shared/ldapns/base-dn
Type: string
Default: dc=example,dc=net
_Description: Distinguished name of the search base:
Please enter the distinguished name of the LDAP search base. Many sites
use the components of their domain names for this purpose. For example,
the domain 'example.net' would use 'dc=example,dc=net' as the
distinguished name of the search base.
Template: libpam-ldap/pam_password
Type: select
__Choices: clear, crypt, nds, ad, exop, md5
Default: crypt
_Description: Local encryption algorithm to use for passwords:
The PAM module can encrypt the password locally when changing it,
which is recommended:
* clear: no encryption. This should be chosen when LDAP servers
automatically encrypt the userPassword entry;
* crypt: make userPassword use the same format as the flat
local password database. If in doubt, you should choose this option;
* nds: use Novell Directory Services-style updating. The old
password is first removed, then updated;
* ad: Active Directory-style. This creates a Unicode password and
updates the unicodePwd attribute;
* exop: use the OpenLDAP password change extended operation to update the
password.
Template: shared/ldapns/ldap_version
Type: select
Choices: 3, 2
Default: 3
_Description: LDAP version to use:
Please choose the version of the LDAP protocol that should be used by
ldapns. Using the highest available version number is recommended.
Template: libpam-ldap/binddn
Type: string
Default: cn=proxyuser,dc=example,dc=net
_Description: Unprivileged database user:
Please enter the name of the account that will be used to login to the LDAP
database.
.
It is highly recommended to use an unprivileged account because
the configuration file that contains that account name and password
has to be world-readable.
Template: libpam-ldap/dbrootlogin
Type: boolean
Default: true
_Description: Allow LDAP admin account to behave like local root?
This option will allow password utilities that use PAM to
change local passwords.
.
The LDAP admin account password will be stored in a separate file which will be made
readable to root only.
.
If /etc is mounted by NFS, this option should be disabled.
Template: shared/ldapns/ldap-server
Type: string
Default: ldapi:///
_Description: LDAP server URI:
Please enter the Uniform Resource Identifier of the LDAP server.
The format is 'ldap://<hostname_or_IP>:<port>/'. Alternatively,
'ldaps://' or 'ldapi://' can be used. The port number is optional.
.
Using an IP address is recommended to avoid failures when
domain name services are unavailable.
Template: libpam-ldap/bindpw
Type: password
_Description: Password for database login account:
Please enter the password that will be used to login to the LDAP database.
Template: libpam-ldap/override
Type: boolean
Default: true
_Description: Manage libpam-ldap configuration automatically?
The libpam-ldap package configuration may be managed automatically
from answers to questions asked during the configuration process.
The resulting configuration file may overwrite local changes.
.
If you do not choose this option, no further questions will be asked
and the configuration has to be done manually.
Source: libpam-ldap
Section: admin
Priority: extra
Maintainer: Richard A Nelson (Rick) <cowboy@debian.org>
Standards-Version: 3.7.2
Build-Depends: cdbs, patchutils, dh-buildinfo, debhelper (>= 4.1.3), autotools-dev, libldap2-dev, libpam0g-dev, po-debconf (>= 0.5.0)
Package: libpam-ldap
Architecture: any
Depends: ${shlibs:Depends}, debconf (>= 0.5) | debconf-2.0
Suggests: libnss-ldap
Description: Pluggable Authentication Module for LDAP
This package provides an interface between an LDAP server and the PAM
user authentication system. Using it along with libnss-ldap allows
LDAP to entirely replace other lookup methods (such as NIS or
flat-file) for system account tables.
Attachment:
signature.asc
Description: Digital signature