From e9bf9ae5c313ee4398c1bb1241438650f84d5bd4 Mon Sep 17 00:00:00 2001
From: Mark Ottaway <mark.ottaway@sohonet.com>
Date: Mon, 4 Nov 2024 18:58:16 +0000
Subject: [PATCH] For MFA at LDAP, 1 second isnt long enough

---
 manifests/module/ldap.pp | 2 ++
 templates/ldap.erb       | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/manifests/module/ldap.pp b/manifests/module/ldap.pp
index dc547bbb..2f66cbdc 100644
--- a/manifests/module/ldap.pp
+++ b/manifests/module/ldap.pp
@@ -62,6 +62,8 @@
   Integer $lifetime                                                   = 0,
   Integer $idle_timeout                                               = 60,
   Optional[Float] $connect_timeout                                    = undef,
+  Integer $net_timeout                                                = 1,
+
 ) {
   $fr_package          = $::freeradius::params::fr_package
   $fr_service          = $::freeradius::params::fr_service
diff --git a/templates/ldap.erb b/templates/ldap.erb
index c04d3b39..eb43b455 100644
--- a/templates/ldap.erb
+++ b/templates/ldap.erb
@@ -642,7 +642,7 @@ ldap <%= @name %> {
 		#  failures) default: 10
 		#
 		#  LDAP_OPT_NETWORK_TIMEOUT is set to this value.
-		net_timeout = 1
+		net_timeout = <%= @net_timeout %>
 
 		#  LDAP_OPT_X_KEEPALIVE_IDLE
 		idle = <%= @idle %>