diff --git a/etc/nss_pam_oidc.example.toml b/etc/nss_pam_oidc.example.toml
index ac4e2035abe3f1d5d2dee3dc12557c64ad9e3338..663c74fbdcaf2e46afe32fabe8526094a21b23cf 100644
--- a/etc/nss_pam_oidc.example.toml
+++ b/etc/nss_pam_oidc.example.toml
@@ -12,14 +12,21 @@ client_secret = ""
 
 urls.passwd = "https://ticdesk-dev.teckids.org/app/nis/api/passwd/"
 
+# The following configuration maps the attributes as returned by AlekSIS, as
+# example onto a system that also has local accounts (thus mapping IDs and
+# home directories).
 maps.passwd = """
     {
         name: .username,
+        # No passwords in passwd
         passwd: "x",
-        uid: .uid,
-        gid: .primary_gid,
-        gecos: "Foo",
-        dir: .home_directory,
+        # Map user and group IDs starting at 10000
+        uid: (.uid + 10000),
+        gid: (.primary_gid + 10000),
+        # Append organisation name to Gecos field
+        gecos: (.full_name + " (Teckids)"),
+        # Remap /home from server to /srv/teckids locally
+        dir: ("/srv/teckids/" + (.home_directory|ltrimstr("/home/"))),
         shell: .login_shell
     }
 """