about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--nixos/modules/config/ldap.nix6
-rw-r--r--nixos/modules/config/nsswitch.nix2
2 files changed, 7 insertions, 1 deletions
diff --git a/nixos/modules/config/ldap.nix b/nixos/modules/config/ldap.nix
index 7cbcc39412ea..da875d6e4821 100644
--- a/nixos/modules/config/ldap.nix
+++ b/nixos/modules/config/ldap.nix
@@ -68,6 +68,12 @@ in
         description = "Whether to include authentication against LDAP in login PAM";
       };
 
+      nsswitch = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Whether to include lookup against LDAP in NSS";
+      };
+
       server = mkOption {
         example = "ldap://ldap.example.org/";
         description = "The URL of the LDAP server.";
diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix
index a39c2895bf84..f30136be44e1 100644
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@@ -8,7 +8,7 @@ let
 
   inherit (config.services.avahi) nssmdns;
   inherit (config.services.samba) nsswins;
-  ldap = config.users.ldap.enable;
+  ldap = (config.users.ldap.enable && config.users.ldap.nsswitch);
 
 in
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-11 10:11:22 +0000