Sophie

Sophie

distrib > Mageia > 5 > i586 > media > core-release > by-pkgid > c031e6b4ec62ed509c3c4c8e7bf7c57d > files > 26

fusiondirectory-plugin-asterisk-1.0.8.1-5.mga5.noarch.rpm

# This is the main ldapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

##
## NOTE: This is an example. You should use the template shipped
##       with your distribution and adapt it to your needs.
##

# Schema and objectClass definitions, depending on your
# LDAP setup
include   /etc/ldap/schema/core.schema
include   /etc/ldap/schema/cosine.schema
include   /etc/ldap/schema/inetorgperson.schema
include   /etc/ldap/schema/openldap.schema
include   /etc/ldap/schema/nis.schema
include   /etc/ldap/schema/misc.schema

# These should be present for FusionDirectory.
include   /etc/ldap/schema/samba.schema
include   /etc/ldap/schema/fusiondirectory/core-fd.schema
include   /etc/ldap/schema/fusiondirectory/core-fd-conf.schema
include   /etc/ldap/schema/fusiondirectory/recovery-fd.schema
include   /etc/ldap/schema/fusiondirectory/ldapns.schema


# Security settings
# Parameters: sasl, ssf, tls, transport, update_sasl, update_ssf,
#             update_tls, update_transport
#security     update_sasl=128,uptate_tls=128

# Require settings
# Paramters: none, authc, bind, LDAPv3, SASL (strong)
#require      authc, LDAPv3

# Allow settings
# Parameters: none, bind_v2, tls_2_anon, bind_anon_cred, bind_anon_dn,
#             update_anon
#allow      bind_v2

# Disallow settings
# Parameters: bind_anon, bind_simple_unprotected, tls_2_anon,
#             bind_simple, bind_krbv4, tls_authc

# Password hash default value
# Parameters: {SHA}, {SMD5}, {MD4}, {CRYPT}, {CLEARTEXT}
password-hash   {CRYPT}

# Search base
defaultsearchbase dc=fusiondirectory,dc=org

# Where clients are refered to if no
# match is found locally
#referral ldap://some.other.ldap.server

## TLS setup, needs certificates
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
#TLSCertificateFile /etc/ssl/certs/slapd.pem
#TLSCertificateKeyFile /etc/ssl/certs/slapd.pem

## SASL setup
#sasl-authz-policy
#sasl-host  fusiondirectory.fusiondirectory.local
#sasl-realm FUSIONDIRECTORY.LOCAL
#sasl-regexp  cn=(.*),ou=(.*) cn=$1,ou=$2,ou=People,dc=fusiondirectory,dc=org
#sasl-secprops  noanonymous

## Kerberos setup
#srvtab   /etc/krb5.keytab.ldap

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile   /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile  /var/run/slapd/slapd.args

# Read slapd.conf(5) for possible values
loglevel  1024

# Where the dynamically loaded modules are stored
modulepath      /usr/lib/ldap
moduleload      back_hdb
moduleload      back_monitor
#moduleload      back_shell

# Some tuning parameters
#threads    64
#concurrency    32
#conn_max_pending 100
#conn_max_pending_auth  250
#reverse-lookup   off
#sizelimit    1000
#timelimit    30
#idletimeout    30

# Limits
#limits anonymous size.soft=500 time.soft=5
#limits user    size=none time.soft=30

# Speed up member add/mod/delete operations
sortvals member memberUid roleOccupant

access to dn.base=""
        by * read

access to dn.subtree=cn=Monitor
        by * read

# Access to schema information
#access to dn.subtree=""
#        by * read

# The userPassword/shadow Emtries by default can be
# changed by the entry owning it if they are authenticated.
# Others should not be able to see it, except the admin
# entry below
access to attrs=userPassword,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" write
  by anonymous auth
  by self write
  by * none

# Deny access to imap/fax/kerberos admin passwords stored
# in ldap tree
access to attrs=goImapPassword
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" write
  by * none
access to attrs=goKrbPassword
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" write
  by * none
access to attrs=goFaxPassword
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" write
  by * none

# Let servers write last user attribute
access to attrs=gotoLastUser
  by * write

# Samba passwords by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
access to attrs=sambaLmPassword,sambaNtPassword
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" write
  by anonymous auth
  by self write
  by * none

# What trees should be readable, depends on your policy. Either
# use this entry and specify what should be readable, or leave
# the access to * => by * read below untouched
#access to dn="ou=(people|groups)"
# by * read

# The admin dn has full write access
access to *
  by dn.regex="uid=[^/]+/admin\+(realm=FUSIONDIRECTORY.LOCAL)?" =wrscx
  by * read
# by peername="ip=127\.0\.0\.1" read
# by * none

#######################################################################
# database definitions
#######################################################################

# Monitor backend
database  monitor

# The backend type, ldbm, is the default standard
database  hdb
cachesize 5000
mode      0600

# The base of your directory
suffix    "dc=fusiondirectory,dc=org"
checkpoint  512 720

# Sample password is "tester", generate a new one using the mkpasswd
# utility and put the string after {crypt}
rootdn  "cn=ldapadmin,dc=fusiondirectory,dc=org"
rootpw  {crypt}OuorOLd3VqvC2

# Indexing
index   default                                                sub
index   uid,mail                                               eq
index   gosaSnapshotDN                                         eq
index   gosaSnapshotTimestamp                                  eq,sub
index   gosaMailAlternateAddress,gosaMailForwardingAddress     eq
index   cn,sn,givenName,ou                                     pres,eq,sub
index   objectClass                                            pres,eq
index   uidNumber,gidNumber,memberuid                          eq
index   roleOccupant                                           eq
index   gosaSubtreeACL,gosaObject,gosaUser                     pres,eq

# Indexing for Kolab
#index  alias             eq,sub
#index  kolabDeleteflag           eq
#index  kolabHomeServer           eq
#index  member              pres,eq

# Indexing for Samba 3
index   sambaSID                                               eq
index   sambaPrimaryGroupSID                                   eq
index   sambaDomainName                                        eq

# Indexing for DHCP
#index  dhcpHWAddress                                          eq
#index  dhcpClassData                                          eq

# Indexing for DNS
#index  zoneName                                               eq
#index  relativeDomainName                                     eq

# Where the database file are physically stored
directory "/var/lib/ldap"

# Log modifications and write entryUUID
lastmod on


# Example replication using admin account. This will require taking the
# out put of this database using slapcat(8C), and then importing that into
# the replica using slapadd(8C).

# Replication setup
#replogfile /var/log/ldap-replicalog
#replica host=ldap-2.fusiondirectory.local
# binddn="cn=replicator,dc=fusiondirectory,dc=org" bindmethod=simple credentials=secret

# Dummy database for config replication
#database        shell
#suffix          "dc=fusiondirectory,dc=shell"
#search          /etc/ldap/shell/process.pl
#add     /etc/ldap/shell/process.pl

# End of ldapd configuration file

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional