Sophie: kolab-2.1.0-8mdv2008.1 x86

kolab-2.1.0-8mdv2008.1.x86_64.rpm

KOLAB_META_START
TARGET=/etc/openldap/slapd.conf
PERMISSIONS=0640
OWNERSHIP=root:ldap
KOLAB_META_END
# (c) 2003 Tassilo Erlewein <tassilo.erlewein@erfrakon.de>
# (c) 2003-2007 Martin Konold <martin.konold@erfrakon.de>
# (c) 2003 Achim Frank <achim.frank@erfrakon.de>
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.


# this file is automatically written by the Kolab config backend and should have the 
# file mode 0640

# manual additions are lost unless made to the template in the Kolab config directory
# the template is  /etc/kolab/templates/slapd.conf.template

include /usr/share/openldap/schema/core.schema
include /usr/share/openldap/schema/cosine.schema
include /usr/share/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2739.schema
include /etc/openldap/schema/kolab2.schema
#include /etc/openldap/schema/horde.schema
include /etc/openldap/slapd.access

access to * 
	by self write
	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
	by * read stop

pidfile		/var/run/ldap/slapd.pid
replica-pidfile	/var/run/ldap/slurpd.pid
argsfile	/var/run/ldap/slapd.args
replicationinterval 5

#schemacheck	on
modulepath	/usr/lib64/openldap
moduleload	back_monitor.la

TLSCertificateFile     /etc/kolab/cert.pem
TLSCertificateKeyFile  /etc/kolab/key.pem

rootDSE                /etc/kolab/rootDSE.ldif

defaultsearchbase      "@@@base_dn@@@"

#require 	none
allow 		bind_v2

loglevel	0

database	bdb
suffix		"@@@base_dn@@@"
cachesize       10000
checkpoint 	512 5
idlcachesize    10000
idletimeout     80 # The value can be increased if some clients develop problems.
                   # Please report to kolab-devel@kolab.org if you encounter such a client.
dirtyread

directory	/var/lib/ldap-kolab

rootdn          "@@@bind_dn@@@"
rootpw          "@@@bind_pw_hash@@@"

replogfile	/var/lib/ldap-kolab/replog
replica uri=ldap://127.0.0.1:9999
        binddn="cn=replicator"
        bindmethod=simple 
	credentials=secret

#### Using overlays to improve data consistency
# Ensure that we never get dangling member attributes
# Checked on rename and delete
moduleload	refint.la
overlay refint
refint_attributes member

# The mail and the uid attribute must be unique.
moduleload	unique.la
overlay unique
unique_attributes mail uid

index   objectClass     pres,eq
index   uid             approx,sub,pres,eq
index   mail            approx,sub,pres,eq
index   alias           approx,sub,pres,eq
index   cn              approx,sub,pres,eq
index   sn              approx,sub,pres,eq
index   givenName       approx,sub,pres,eq
index   kolabDelegate   approx,sub,pres,eq
index   kolabHomeServer pres,eq
index   kolabDeleteflag pres,eq
index   member          pres,eq

access to dn="@@@base_dn@@@" attrs=children
	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,@@@base_dn@@@" write

access to dn="cn=internal,@@@base_dn@@@" attrs=children
	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,@@@base_dn@@@" write

access to dn.subtree="@@@base_dn@@@" attrs=userPassword
   	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" =wx
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" =wx
        by self =wx
        by anonymous =x
        by * none stop

access to dn.subtree="@@@base_dn@@@" attrs=mail
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by * read stop

access to dn.subtree="@@@base_dn@@@" attrs=alias
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by * read stop

access to dn.subtree="@@@base_dn@@@" attrs=uid
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by * read stop

access to dn.subtree="@@@base_dn@@@" attrs=cyrus-userquota
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
	by self read stop

access to dn.subtree="@@@base_dn@@@" attrs=kolabHomeServer
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by * read stop

access to dn.subtree="@@@base_dn@@@" attrs=kolabHomeMTA
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by * read stop

access to dn="cn=nobody,@@@base_dn@@@"
        by anonymous auth stop

access to dn="cn=manager,cn=internal,@@@base_dn@@@"
        by dn="cn=nobody,cn=internal,@@@base_dn@@@" read
        by self write
        by anonymous auth stop

access to dn="cn=admin,cn=internal,@@@base_dn@@@"
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by dn="cn=nobody,cn=internal,@@@base_dn@@@" read
        by self write
        by anonymous auth stop

access to dn="cn=maintainer,cn=internal,@@@base_dn@@@"
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" read
        by dn="cn=nobody,cn=internal,@@@base_dn@@@" read
        by self write
        by anonymous auth stop

access to dn.regex="(.*,)?cn=internal,@@@base_dn@@@"
 	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
        by self write
	by dn="cn=nobody,cn=internal,@@@base_dn@@@" read 
	by anonymous auth stop

access to dn.regex="(.*,)?cn=external,@@@base_dn@@@"
        by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" write
	by * read stop

access to dn="cn=external,@@@base_dn@@@"
	by dn="cn=nobody,cn=internal,@@@base_dn@@@" read 
	by * search stop

access to dn="cn=internal,@@@base_dn@@@"
	by dn="cn=nobody,cn=internal,@@@base_dn@@@" read 
        by * search stop

access to dn="k=kolab,@@@base_dn@@@"
	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
	by group/kolabGroupOfNames="cn=maintainer,cn=internal,@@@base_dn@@@" read
	by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,@@@base_dn@@@" read
	by dn="cn=nobody,cn=internal,@@@base_dn@@@" read 
	by * none stop	

include /etc/openldap/slapd.replicas

database	monitor

access to dn.subtree="cn=Monitor"
	by group/kolabGroupOfNames="cn=admin,cn=internal,@@@base_dn@@@" write
	by * none stop