URL ldap://ldap BindDN cn=admin,dc=domain,dc=org Password secret Timeout 15 FollowReferrals yes TLSCACertFile /usr/local/etc/ssl/ca.pem TLSCACertDir /etc/ssl/certs TLSCertFile /usr/local/etc/ssl/client-cert.pem TLSKeyFile /usr/local/etc/ssl/client-key.pem BaseDN "ou=users,dc=domain,dc=org" SearchFilter "(|(uid=%u)(cn=%u)(mail=%u))" RequireGroup false