include /etc/openldap/schema/uidpool.schema
include /etc/openldap/schema/sudo.schema
include /etc/openldap/schema/autofs.schema
TLSCACertificateFile /etc/openldap/pla/ca-bundle.crt
TLSCertificateFile /etc/openldap/pla/slapd.crt
TLSCertificateKeyFile /etc/openldap/pla/slapd.key
access to dn.regex="o=Simpsons$" attrs=userpassword
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to dn.regex="dc=example.com$"
by dn.regex="o=Flintstones$" none
by dn.regex="o=Simpsons$" none
by * write
access to dn.regex="dc=example,dc=com$"
by dn.regex="o=Flintstones$" none
by dn.regex="o=Simpsons$" none
by * write
access to dn.regex="o=Flintstones$"
by dn.regex="o=Simpsons$" none
by self write
by dn.regex="cn=.*,ou=People,o=Flintstones" write
by * read
access to dn.regex="o=Simpsons$"
by dn.regex="o=Flintstones$" none
by self write
by dn.regex="cn=.*,ou=People,o=Simpsons" write
by * read
access to *
by * read
authz-policy any
database ldbm
suffix "dc=example.com"
rootdn "cn=Manager,dc=example.com"
rootpw NotAllowed
directory /var/lib/ldap/base-example.com
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database ldbm
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw NotAllowed
directory /var/lib/ldap/base-example-com
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database ldbm
suffix "o=Simpsons"
rootdn "cn=Manager,o=Simpsons"
rootpw NotAllowed
directory /var/lib/ldap/base-simpsons
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
sasl-regexp uid=(.*),cn=(.*),cn=gssapi,cn=auth
ldap:///dc=example.com??sub?(&(uid=$1)(objectClass=inetOrgPerson))
database bdb
suffix "o=Flintstones"
rootdn "cn=Manager,o=Flintstones"
rootpw NotAllowed
directory /var/lib/ldap/base-flintstones
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database monitor
access to * by * read
database config
access to * by * read
rootdn cn=admin,cn=config
rootpw password
|