# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.6 2001/04/20 23:32:43 kurt Exp $ # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # # Modified by Christian Zoffoli <czoffoli@linux-mandrake.com> # Version 0.2 # include /usr/share/openldap/schema/core.schema include /usr/share/openldap/schema/cosine.schema include /usr/share/openldap/schema/corba.schema include /usr/share/openldap/schema/inetorgperson.schema include /usr/share/openldap/schema/java.schema include /usr/share/openldap/schema/krb5-kdc.schema include /usr/share/openldap/schema/kerberosobject.schema include /usr/share/openldap/schema/misc.schema include /usr/share/openldap/schema/nis.schema include /usr/share/openldap/schema/openldap.schema #include /usr/share/openldap/schema/rfc822-MailMember.schema #include /usr/share/openldap/schema/pilot.schema #include /usr/share/openldap/schema/autofs.schema #include /usr/share/openldap/schema/samba.schema #include /usr/share/openldap/schema/qmail.schema #include /usr/share/openldap/schema/mull.schema #include /usr/share/openldap/schema/netscape-profile.schema #include /usr/share/openldap/schema/trust.schema #include /usr/share/openldap/schema/dns.schema #include /usr/share/openldap/schema/cron.schema include /etc/openldap/schema/local.schema # Define global ACLs to disable default read access. include /etc/openldap/slapd.access.conf # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile /var/run/ldap/slapd.pid argsfile /var/run/ldap/slapd.args modulepath /usr/lib/openldap #moduleload back_dnssrv.la #moduleload back_ldap.la #moduleload back_passwd.la #moduleload back_sql.la # SASL config #sasl-host ldap.example.com # To allow TLS-enabled connections, create /usr/share/ssl/certs/slapd.pem # and uncomment the following lines. #TLSRandFile /dev/random #TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCertificateFile /etc/ssl/openldap/ldap.pem TLSCertificateKeyFile /etc/ssl/openldap/ldap.pem #TLSCACertificatePath /etc/ssl/openldap/ TLSCACertificateFile /etc/ssl/openldap/ldap.pem #TLSVerifyClient 0 ####################################################################### # ldbm database definitions ####################################################################### database ldbm suffix "dc=example,dc=com" #suffix "o=My Organization Name,c=US" rootdn "cn=Manager,dc=example,dc=com" #rootdn "cn=Manager,o=My Organization Name,c=US" # Cleartext passwords, especially for the rootdn, should # be avoided. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. # rootpw secret # rootpw {crypt}ijFYNcSNctBYg # The database directory MUST exist prior to running slapd AND # should only be accessable by the slapd/tools. Mode 700 recommended. directory /var/lib/ldap # Indices to maintain #index objectClass eq index objectClass,uid,uidNumber,gidNumber eq index cn,mail,surname,givenname eq,subinitial # logging loglevel 256 # Basic ACL access to attr=userPassword by self write by anonymous auth by dn="uid=root,ou=People,dc=example,dc=com" write by * none access to * by dn="uid=root,ou=People,dc=example,dc=com" write by * read