# Use PAM. But thanks to PasswordAuthentication being set to "no", PAM will be

# used just for session stuff.

UsePAM yes

# Specify a dedicated PID file for the backup SSH.

# Users logging-in are forced to use the SFTP server.

ForceCommand internal-sftp

# Chroot logged-in users to their home directories.

ChrootDirectory %h

    """

    Tests if LDAP server has been configured to listen on correct sockets.

    """

    assert host.socket('tcp://389').is_listening

    assert host.socket('tcp://636').is_listening

def test_ldap_server_service(host):

    """

    Tests if the LDAP service is enabled and running.

    """

c2s_require_encryption = true

-- Disable certificate validation for server-to-server connections.

s2s_secure_auth = false

-- Path to Prosody's PID file.

-- Authentication backend.

authentication = "ldap"

ldap_server = "{{ xmpp_ldap_server }}"

ldap_rootdn = "cn=prosody,ou=services,{{ xmpp_ldap_base_dn }}"

ldap_password = "{{ xmpp_ldap_password }}"