#%PAM-1.0
auth            sufficient      pam_rootok.so
-auth            sufficient      pam_ldap.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth           sufficient      pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth           required        pam_wheel.so use_uid
-auth            required        pam_unix.so use_first_pass
-account         sufficient      pam_ldap.so
account         required        pam_unix.so
-session         required        pam_mkhomedir.so skel=/etc/skel umask=0077
-session         sufficient      pam_ldap.so
session         required        pam_unix.so
password        include         system-auth