diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/db/configuration/defaults/ldap/generateDb mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/db/configuration/defaults/ldap/generateDb
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/db/configuration/defaults/ldap/generateDb	1969-12-31 17:00:00.000000000 -0700
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/db/configuration/defaults/ldap/generateDb	2008-04-02 10:43:54.000000000 -0600
@@ -0,0 +1 @@
+yes
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy	1969-12-31 17:00:00.000000000 -0700
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy	2008-04-02 10:43:54.000000000 -0600
@@ -0,0 +1,2 @@
+# Allow read /etc/{passwd,groups,shadow} files when ldap is down.
+bind_policy soft
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55initgroups_ignoreusers mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55initgroups_ignoreusers
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55initgroups_ignoreusers	2008-04-02 10:45:15.000000000 -0600
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/ldap.conf/55initgroups_ignoreusers	1969-12-31 17:00:00.000000000 -0700
@@ -1 +0,0 @@
-nss_initgroups_ignoreusers ldap
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/openldap/ldap.conf/12tls mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/openldap/ldap.conf/12tls
--- e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/openldap/ldap.conf/12tls	2008-04-02 10:45:15.000000000 -0600
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/etc/e-smith/templates/etc/openldap/ldap.conf/12tls	1969-12-31 17:00:00.000000000 -0700
@@ -1,3 +0,0 @@
-TLS_CACERT /var/service/ldap/ssl/slapd.pem
-TLS_REQCERT always
-TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv2
diff -Nur -x '*.orig' -x '*.rej' e-smith-base+ldap-4.19.1/root/var/service/ldap/run mezzanine_patched_e-smith-base+ldap-4.19.1/root/var/service/ldap/run
--- e-smith-base+ldap-4.19.1/root/var/service/ldap/run	2008-04-02 10:45:17.000000000 -0600
+++ mezzanine_patched_e-smith-base+ldap-4.19.1/root/var/service/ldap/run	2008-04-02 10:43:59.000000000 -0600
@@ -2,6 +2,7 @@
 
 domain=$(/sbin/e-smith/config get DomainName)
 system=$(/sbin/e-smith/config get SystemName)
+generatedb=$(/sbin/e-smith/config getprop ldap generateDb)
 ldif="/home/e-smith/db/ldap/$domain.ldif"
 
 ./control/1
@@ -18,6 +19,14 @@
     fi
 fi
 
+# Ldap authentication post install
+if [ "$generatedb" == "yes" ]
+then
+    find /var/lib/ldap -type f | xargs -i mv "{}" "{}.old"
+    rm -f "$old_ldif" "$ldif"
+    /sbin/e-smith/config setprop ldap generateDb no
+fi
+
 # Set up symlink for ldap dump at shutdown
 ln -sf $ldif ./ldif