BASE {{ ldap_suffix }}
{%if ldap_have_ssl %}
URI ldaps://{{ ldap_server }}
TLS_CACERT {{ ldap_ssl_cacert_path }}
TLS_REQCERT allow 
URI ldap://localhost/
{%else%}
URI ldap://localhost
{%endif%}