(2nd LCFC, after including suggestions by Justin...you were right, Justin, they had been eaten by CRM114). This is the last call for comments for the review of debconf templates for libpam-ldap. The reviewed templates will be sent on Monday, June 01, 2009 to the package maintainer as a bug report and a mail will be sent to this list with "[BTS]" as a subject tag. --
Template: libpam-ldap/rootbinddn
Type: string
Default: cn=manager,dc=example,dc=net
_Description: LDAP administrative account:
Please enter the name of the LDAP administrative account.
.
This account will be used automatically for database management, so
it will be granted the appropriate privileges.
Template: libpam-ldap/rootbindpw
Type: password
#flag:comment:3
# Translators: do not translate "${filename}"
_Description: LDAP administrative password:
Please enter the password of the administrative account.
.
The password will be stored in the file ${filename}.
This will be made readable to root only, and will allow ${package}
to carry out automatic database management logins.
.
If this field is left empty, the previously stored password will
be re-used.
Template: libpam-ldap/dblogin
Type: boolean
Default: false
_Description: Does the LDAP database require login?
Please choose whether the LDAP server should enforce a login before
retrieving entries.
.
Such a setup is not usually needed.
Template: shared/ldapns/base-dn
Type: string
Default: dc=example,dc=net
_Description: Distinguished name of the search base:
Please enter the distinguished name of the LDAP search base. Many sites
use the components of their domain names for this purpose. For example,
the domain "example.net" would use "dc=example,dc=net" as the
distinguished name of the search base.
Template: libpam-ldap/pam_password
Type: select
__Choices: clear, crypt, nds, ad, exop, md5
Default: crypt
_Description: Local encryption algorithm to use for passwords:
The PAM module can encrypt the password locally when changing it,
which is recommended:
* clear: no encryption. This should be chosen when LDAP servers
automatically encrypt the userPassword entry;
* crypt: make userPassword use the same format as the flat
local password database. If in doubt, you should choose this option;
* nds: use Novell Directory Services-style updating. The old
password is first removed, then updated;
* ad: Active Directory-style. This creates a Unicode password and
updates the unicodePwd attribute;
* exop: use the OpenLDAP password change extended operation to update the
password.
Template: shared/ldapns/ldap_version
Type: select
Choices: 3, 2
Default: 3
_Description: LDAP version to use:
Please choose the version of the LDAP protocol that should be used by
ldapns. Using the highest available version number is recommended.
Template: libpam-ldap/binddn
Type: string
Default: cn=proxyuser,dc=example,dc=net
_Description: LDAP login user account:
Please enter the name of the LDAP account that should be used for
non-administrative (read-only) database logins.
.
It is highly recommended to use an unprivileged account, because
the configuration file that contains the account name and password
must be world-readable.
Template: libpam-ldap/dbrootlogin
Type: boolean
Default: true
_Description: Allow LDAP admin account to behave like local root?
This option will allow password utilities that use PAM to
change local passwords.
.
The LDAP admin account password will be stored in a separate file which will be made
readable to root only.
.
If /etc is mounted by NFS, this option should be disabled.
Template: shared/ldapns/ldap-server
Type: string
Default: ldapi:///
_Description: LDAP server URI:
Please enter the Uniform Resource Identifier of the LDAP server.
The format is 'ldap://<hostname_or_IP>:<port>/'. Alternatively,
'ldaps://' or 'ldapi://' can be used. The port number is optional.
.
Using an IP address is recommended to avoid failures when
domain name services are unavailable.
Template: libpam-ldap/bindpw
Type: password
_Description: Password for LDAP login user:
Please enter the password for the nonadministrative LDAP login account.
Template: libpam-ldap/override
Type: boolean
Default: true
_Description: Manage libpam-ldap configuration automatically?
The libpam-ldap package configuration may be managed automatically
using answers to questions asked during the configuration process.
The resulting configuration file may overwrite local changes.
.
If you do not choose this option, no further questions will be asked
and the configuration will need to be done manually.
Source: libpam-ldap
Section: admin
Priority: extra
Maintainer: Richard A Nelson (Rick) <cowboy@debian.org>
Standards-Version: 3.7.2
Build-Depends: cdbs, patchutils, dh-buildinfo, debhelper (>= 4.1.3), autotools-dev, libldap2-dev, libpam0g-dev, po-debconf (>= 0.5.0)
Package: libpam-ldap
Architecture: any
Depends: ${shlibs:Depends}, debconf (>= 0.5) | debconf-2.0
Suggests: libnss-ldap
Description: Pluggable Authentication Module for LDAP
This package provides an interface between an LDAP server and the PAM
user authentication system. Using it along with libnss-ldap allows
LDAP to entirely replace other lookup methods (such as NIS or
flat-file) for system account tables.
Attachment:
signature.asc
Description: Digital signature