openldap integration

1. # extended LDIF
2. #
3. # LDAPv3
4. # base <cn=config> with scope subtree
5. # filter: (objectclass=*)
6. # requesting: ALL
7. #
8.  
9. # config
10. dn: cn=config
11. objectClass: olcGlobal
12. cn: config
13. olcArgsFile: /var/run/slapd/slapd.args
14. olcLogLevel: none
15. olcPidFile: /var/run/slapd/slapd.pid
16. olcToolThreads: 1
17.  
18. # module{0}, config
19. dn: cn=module{0},cn=config
20. objectClass: olcModuleList
21. cn: module{0}
22. olcModulePath: /usr/lib/ldap
23. olcModuleLoad: {0}back_hdb
24. olcModuleLoad: {1}back_ldap
25. olcModuleLoad: {2}back_bdb
26. olcModuleLoad: {3}rwm
27.  
28. # {0}hdb, config
29. dn: olcBackend={0}hdb,cn=config
30. objectClass: olcBackendConfig
31. olcBackend: {0}hdb
32.  
33. # {-1}frontend, config
34. dn: olcDatabase={-1}frontend,cn=config
35. objectClass: olcDatabaseConfig
36. objectClass: olcFrontendConfig
37. olcDatabase: {-1}frontend
38. olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
39.  ,cn=auth manage by * break
40. olcAccess: {1}to dn.exact="" by * read
41. olcAccess: {2}to dn.base="cn=Subschema" by * read
42. olcSizeLimit: 500
43.  
44. # {0}chain, {-1}frontend, config
45. dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
46. objectClass: olcOverlayConfig
47. objectClass: olcChainConfig
48. olcOverlay: {0}chain
49. olcChainReturnError: TRUE
50.  
51. # {0}ldap, {0}chain, {-1}frontend, config
52. dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
53. objectClass: olcLDAPConfig
54. objectClass: olcChainDatabase
55. olcDatabase: {0}ldap
56. olcDbURI: ldap://test-rwdc01.ad.domain.com:389
57. olcDbRebindAsUser: TRUE
58. olcSuffix: dc=ad,dc=domain,dc=com
59. olcDbIDAssertBind: bindmethod=simple binddn="cn=Binder,cn=Users,dc=ad,dc=dom
60.  ain,dc=com" credentials="ldappass" mode=none
61.  
62. # {0}config, config
63. dn: olcDatabase={0}config,cn=config
64. objectClass: olcDatabaseConfig
65. olcDatabase: {0}config
66. olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
67.  ,cn=auth manage by * break
68.  
69. # {1}hdb, config
70. dn: olcDatabase={1}hdb,cn=config
71. objectClass: olcDatabaseConfig
72. objectClass: olcHdbConfig
73. olcDatabase: {1}hdb
74. olcDbDirectory: /var/lib/ldap
75. olcSuffix: dc=nodomain
76. olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
77.  s auth by dn="cn=admin,dc=nodomain" write by * none
78. olcAccess: {1}to dn.base="" by * read
79. olcAccess: {2}to * by self write by dn="cn=admin,dc=nodomain" write by * read
80. olcLastMod: TRUE
81. olcRootDN: cn=admin,dc=nodomain
82. olcRootPW: {SSHA}Lwz1vCC/tBR/Nwo9pWbs2R5OfICfsfM3
83. olcDbCheckpoint: 512 30
84. olcDbConfig: {0}set_cachesize 0 2097152 0
85. olcDbConfig: {1}set_lk_max_objects 1500
86. olcDbConfig: {2}set_lk_max_locks 1500
87. olcDbConfig: {3}set_lk_max_lockers 1500
88. olcDbIndex: objectClass eq
89.  
90. # {2}ldap, config
91. dn: olcDatabase={2}ldap,cn=config
92. objectClass: olcLDAPConfig
93. olcDatabase: {2}ldap
94. olcSuffix: dc=ad,dc=domain,dc=com
95. olcSubordinate: TRUE
96. olcDbURI: ldap://test-rwdc01.ad.domain.com:389
97. olcDbIDAssertBind: bindmethod=simple binddn="cn=Bind Guy,cn=Users,dc=ad,dc=dom
98.  ain,dc=com" credentials="ldappass" mode=none
99. olcDbRebindAsUser: TRUE
100. olcDbChaseReferrals: TRUE
101.  
102. # {3}bdb, config
103. dn: olcDatabase={3}bdb,cn=config
104. objectClass: olcBdbConfig
105. olcDatabase: {3}bdb
106. olcDbDirectory: /var/lib/ldap2
107. olcSuffix: dc=domain,dc=com
108. olcAccess: {0}to attrs=userPassword by self write by anonymous auth by dn.base
109.  ="cn=admin,dc=domain,dc=com" write   by * none
110. olcAccess: {1}to *   by self write   by dn.base="cn=admin,dc=domain,dc=
111.  com" write   by * read
112. olcRootDN: cn=admin,dc=domain,dc=com
113. olcRootPW: testpass
114. olcDbIndex: uid pres,eq
115. olcDbIndex: cn,sn,mail pres,eq,approx,sub
116. olcDbIndex: objectClass eq
117.  
118. # search result
119. search: 2
120. result: 0 Success
121.  
122. # numResponses: 16
123. # numEntries: 15