Allow to connect when ldap is not available

diff --git a/modules/base_installation/manifests/ldap.pp b/modules/base_installation/manifests/ldap.pp
index 5a3532716793a7ac84b2700cc685d735071d2aac..929140234cd7e071dd0d1b5ab3c21eadcf7504ed 100644 (file)
--- a/modules/base_installation/manifests/ldap.pp
+++ b/modules/base_installation/manifests/ldap.pp
@@ -43,9 +43,9 @@ class base_installation::ldap inherits base_installation {
         ensure    => present,
         service   => $service,
         type      => "password",
-        control   => "[success=done new_authtok_reqd=ok ignore=ignore default=bad]",
+        control   => "[success=done new_authtok_reqd=ok authinfo_unavail=ignore ignore=ignore default=bad]",
         module    => "pam_ldap.so",
-        arguments => "ignore_unknown_user",
+        arguments => ["ignore_unknown_user", "ignore_authinfo_unavail"],
         position  => 'before *[type="password" and module="pam_unix.so"]',
         require   => Package["ruby-augeas"],
       }
@@ -57,9 +57,9 @@ class base_installation::ldap inherits base_installation {
           ensure    => present,
           service   => $service,
           type      => $type,
-          control   => "[success=done new_authtok_reqd=ok ignore=ignore default=bad]",
+          control   => "[success=done new_authtok_reqd=ok authinfo_unavail=ignore ignore=ignore default=bad]",
           module    => "pam_ldap.so",
-          arguments => "ignore_unknown_user",
+          arguments => ["ignore_unknown_user", "ignore_authinfo_unavail"],
           position  => "before *[type=\"$type\" and module=\"pam_unix.so\"]",
           require   => Package["ruby-augeas"],
         }