# The LDAP version to use
ldap_version 3
-# Use uniqueMember
+# Use the uniqueMember property, referring to dn's instead of the memberUid
+# property referring to usernames. This allows us to have group members with or
+# without an account, and give a group member an account without having to
+# change all his memberships.
nss_schema rfc2307bis
# Use our custom posixGroup replacement