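# slapd.conf for an OpenLDAP server holding dc=example,dc=com. It replicates
# from ldap://192.168.220.171 with delta-syncrepl and also loads the accesslog
# and syncprov overlays. Arguments that belong to the previous directive are
# indented, because slapd.conf treats a line starting with whitespace as a
# continuation.

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# 256 is the "stats" level: connections, operations and results.
loglevel 256

# NOTE(review): {CLEARTEXT} makes Password Modify operations store
# userPassword unhashed. DIGEST-MD5 needs a plaintext secret, which is
# presumably why it is set. The consequence is that any identity with read
# access to userPassword (the Replicator rule below), and anyone who can read
# the files under /var/lib/ldap or a backup of them, obtains usable passwords.
password-hash {CLEARTEXT}

# Root DSE and subschema are readable by everyone, including anonymous clients.
access to dn.base="" by * read
access to dn.base="cn=subschema" by * read

# Map a SASL identity uid=<name>,cn=<realm>,cn=auth to the directory entry
# whose uid matches <name>.
authz-regexp uid=(.*),cn=.*,cn=auth
  ldap:///dc=example,dc=com??sub?uid=$1

# Map the SASL EXTERNAL identity of local uid 0 / gid 0 (peer credentials)
# to cn=config.
authz-regexp
  gidNumber=0\\+uidNumber=0,peercred,cn=external,cn=auth
  cn=config

# TLS material. The private key should be readable only by the account slapd
# runs as.
TLSCACertificateFile /etc/openldap/certs/myCA.crt
# Spelling fixed: the original read "TLSCertifcateFile", which is not a slapd
# directive, so the server certificate was never configured.
TLSCertificateFile /etc/openldap/certs/myserver.crt
TLSCertificateKeyFile /etc/openldap/certs/myserver.key
# NOTE(review): assuming an OpenSSL-style cipher string, the three terms form
# a union, so "SSLv3" adds legacy suites on top of HIGH. Confirm what the
# linked TLS library enables and drop the term if old clients are not needed.
TLSCipherSuite HIGH:TLSv1.2:SSLv3

serverID 1

# NOTE(review): ssf=0 sets no minimum security strength, so operations over
# an unprotected ldap:// connection are accepted. Raise it (the directive also
# takes tls=, simple_bind= and update_ssf= factors) once every client uses TLS.
security ssf=0

# ---- cn=config database ----
database config
rootdn cn=config
rootpw {SSHA}xxxxxxxx

# ---- main database: dc=example,dc=com ----
database mdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}xxxxxxxx
directory /var/lib/ldap
# Checkpoint after 1024 KB written or 5 minutes.
checkpoint 1024 5
# NOTE(review): these flags relax how commits are flushed to disk. Confirm the
# durability trade-off is acceptable and that this brace/comma form is the
# syntax your slapd version accepts.
envflags {nometasync,writemap,mapasync}
# 5368709120 bytes = 5 GiB maximum database size.
maxsize 5368709120
index objectClass pres,eq
index entryCSN,entryUUID eq
index mail,uid eq,sub

# The replication identity is exempt from search size and time limits.
limits dn.base="uid=Replicator,dc=example,dc=com"
  size=unlimited
  time=unlimited

# userPassword: owners may change their own, the replication identity may read
# it, everyone else may only use it to authenticate. With {CLEARTEXT} storage
# the Replicator read grant exposes plaintext passwords to that account.
access to attrs=userPassword
  by self write
  by dn.base="uid=Replicator,dc=example,dc=com" read
  by * auth

# Everything else under the suffix. "by * read" includes anonymous binds.
# NOTE(review): an identity that other servers use to pull changes normally
# needs read only; confirm the write grant for Replicator is required.
access to dn.subtree="dc=example,dc=com"
  by self write
  by dn.base="uid=Replicator,dc=example,dc=com" write
  by * read

# Delta-syncrepl consumer: replays the provider's accesslog (cn=log) entries
# for successful writes. retry = every 5 s for 5 attempts, then every 300 s
# for 5 attempts.
# NOTE(review): starttls=yes continues without TLS if the StartTLS request
# fails; starttls=critical aborts the session instead. DIGEST-MD5 was moved to
# Historic by RFC 6331. The credentials value is stored in plain text here, so
# keep this file readable only by the slapd account.
syncrepl rid=010
  provider=ldap://192.168.220.171
  sizelimit=unlimited
  timelimit=unlimited
  bindmethod=sasl
  saslmech=DIGEST-MD5
  authcid=Replicator
  credentials=xxxxxx
  starttls=yes
  tls_cacert=/etc/openldap/certs/myCA.crt
  searchbase="dc=example,dc=com"
  scope=sub
  type=refreshAndPersist
  retry="5 5 300 5"
  logbase="cn=log"
  logfilter=(&(objectClass=auditWriteObject)(reqResult=0))
  syncdata=accesslog

# Clients that send a write to this server are referred to the provider.
updateref ldap://192.168.220.171

# Record successful write operations in cn=log. Entries older than 3 days are
# purged, with the purge check running once a day.
overlay accesslog
logdb cn=log
logops writes
logpurge 3+00:00 1+00:00
logsuccess TRUE

# syncprov checkpoints contextCSN after 5 operations or 5 minutes.
overlay syncprov
syncprov-checkpoint 5 5

# ---- accesslog database: cn=log ----
database mdb
suffix cn=log
directory /var/lib/ldap/log
rootdn cn=log
limits dn.base="uid=Replicator,dc=example,dc=com"
  size=unlimited
  time=unlimited
index reqStart,reqEnd,reqResult,reqMod eq
index objectClass,entryCSN,entryUUID eq
# Only the replication identity may read the log. The logged modifications can
# include userPassword values, so this grant is as sensitive as the one above.
access to * by dn.base="uid=Replicator,dc=example,dc=com" read

# ---- monitor database ----
database monitor
# Any authenticated user may read cn=monitor.
access to dn.subtree="cn=monitor" by users read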