[Pkg-openldap-devel] Bug#402705: /etc/ldap/slapd.conf

Manoj Srivastava srivasta at golden-gryphon.com
Tue Dec 12 16:28:48 CET 2006 

Hi,

        conf file attached below. Has not been changed for a while:
__> ll /etc/ldap/slapd.conf 
8 -rw------- 1 root root 2061 2006-07-20 20:34 /etc/ldap/slapd.conf

        manoj

-------------- next part --------------
# Loading of backend modules - automatically generated

modulepath      /usr/lib/ldap
moduleload back_bdb

# This is the main ldapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema

# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck     on

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd/slapd.args

# Where to store the replica logs
replogfile	/var/lib/ldap/replog

# Read slapd.conf(5) for possible values
loglevel        0

#######################################################################
# ldbm database definitions
#######################################################################

# The backend type, ldbm, is the default standard
database bdb

# The base of your directory
suffix          "dc=internal.golden-gryphon,dc=com"

# Where the database file are physically stored
directory       "/var/lib/ldap"

# Indexing options
index objectClass eq

# Save the time that the entry gets modified
lastmod on

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
access to attrs=userPassword by dn.regex="cn=admin,dc=internal.golden-gryphon,dc=com" write by anonymous auth by self write by * none

# The admin dn has full write access
access to * by dn.regex="cn=admin,dc=internal.golden-gryphon,dc=com" write by * read

# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
access to dn.regex=".*,ou=Roaming,o=morsnet" by dn.regex="cn=admin,dc=internal.golden-gryphon,dc=com" write by dnattr=owner write


-------------- next part --------------

-- 
If God had not given us sticky tape, it would have been necessary to
invent it.
Manoj Srivastava <srivasta at acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

More information about the Pkg-openldap-devel mailing list