108 lines
2.8 KiB
Plaintext
108 lines
2.8 KiB
Plaintext
|
include /etc/openldap/schema/uidpool.schema
|
||
|
include /etc/openldap/schema/sudo.schema
|
||
|
include /etc/openldap/schema/autofs.schema
|
||
|
|
||
|
TLSCACertificateFile /etc/openldap/pla/ca-bundle.crt
|
||
|
TLSCertificateFile /etc/openldap/pla/slapd.crt
|
||
|
TLSCertificateKeyFile /etc/openldap/pla/slapd.key
|
||
|
|
||
|
access to dn.regex="o=Simpsons$" attrs=userpassword
|
||
|
by anonymous auth
|
||
|
by self write
|
||
|
by * none
|
||
|
|
||
|
access to dn.base="" by * read
|
||
|
access to dn.regex="dc=example.com$"
|
||
|
by dn.regex="o=Flintstones$" none
|
||
|
by dn.regex="o=Simpsons$" none
|
||
|
by * write
|
||
|
access to dn.regex="dc=example,dc=com$"
|
||
|
by dn.regex="o=Flintstones$" none
|
||
|
by dn.regex="o=Simpsons$" none
|
||
|
by * write
|
||
|
access to dn.regex="o=Flintstones$"
|
||
|
by dn.regex="o=Simpsons$" none
|
||
|
by self write
|
||
|
by dn.regex="cn=.*,ou=People,o=Flintstones" write
|
||
|
by * read
|
||
|
access to dn.regex="o=Simpsons$"
|
||
|
by dn.regex="o=Flintstones$" none
|
||
|
by self write
|
||
|
by dn.regex="cn=.*,ou=People,o=Simpsons" write
|
||
|
by * read
|
||
|
access to *
|
||
|
by * read
|
||
|
|
||
|
authz-policy any
|
||
|
|
||
|
database ldbm
|
||
|
suffix "dc=example.com"
|
||
|
rootdn "cn=Manager,dc=example.com"
|
||
|
rootpw NotAllowed
|
||
|
directory /var/lib/ldap/base-example.com
|
||
|
dirtyread
|
||
|
cachesize 2000
|
||
|
checkpoint 32 1
|
||
|
# Indices to maintain for this database
|
||
|
index objectClass eq,pres
|
||
|
index ou,cn,mail,surname,givenname eq,pres,sub
|
||
|
index uidNumber,gidNumber,loginShell eq,pres
|
||
|
index uid,memberUid eq,pres,sub
|
||
|
index nisMapName,nisMapEntry eq,pres,sub
|
||
|
|
||
|
database ldbm
|
||
|
suffix "dc=example,dc=com"
|
||
|
rootdn "cn=Manager,dc=example,dc=com"
|
||
|
rootpw NotAllowed
|
||
|
directory /var/lib/ldap/base-example-com
|
||
|
dirtyread
|
||
|
cachesize 2000
|
||
|
checkpoint 32 1
|
||
|
# Indices to maintain for this database
|
||
|
index objectClass eq,pres
|
||
|
index ou,cn,mail,surname,givenname eq,pres,sub
|
||
|
index uidNumber,gidNumber,loginShell eq,pres
|
||
|
index uid,memberUid eq,pres,sub
|
||
|
index nisMapName,nisMapEntry eq,pres,sub
|
||
|
|
||
|
database ldbm
|
||
|
suffix "o=Simpsons"
|
||
|
rootdn "cn=Manager,o=Simpsons"
|
||
|
rootpw NotAllowed
|
||
|
directory /var/lib/ldap/base-simpsons
|
||
|
dirtyread
|
||
|
cachesize 2000
|
||
|
checkpoint 32 1
|
||
|
# Indices to maintain for this database
|
||
|
index objectClass eq,pres
|
||
|
index ou,cn,mail,surname,givenname eq,pres,sub
|
||
|
index uidNumber,gidNumber,loginShell eq,pres
|
||
|
index uid,memberUid eq,pres,sub
|
||
|
index nisMapName,nisMapEntry eq,pres,sub
|
||
|
|
||
|
sasl-regexp uid=(.*),cn=(.*),cn=gssapi,cn=auth
|
||
|
ldap:///dc=example.com??sub?(&(uid=$1)(objectClass=inetOrgPerson))
|
||
|
|
||
|
database bdb
|
||
|
suffix "o=Flintstones"
|
||
|
rootdn "cn=Manager,o=Flintstones"
|
||
|
rootpw NotAllowed
|
||
|
directory /var/lib/ldap/base-flintstones
|
||
|
dirtyread
|
||
|
cachesize 2000
|
||
|
checkpoint 32 1
|
||
|
# Indices to maintain for this database
|
||
|
index objectClass eq,pres
|
||
|
index ou,cn,mail,surname,givenname eq,pres,sub
|
||
|
index uidNumber,gidNumber,loginShell eq,pres
|
||
|
index uid,memberUid eq,pres,sub
|
||
|
index nisMapName,nisMapEntry eq,pres,sub
|
||
|
|
||
|
database monitor
|
||
|
access to * by * read
|
||
|
|
||
|
database config
|
||
|
access to * by * read
|
||
|
rootdn cn=admin,cn=config
|
||
|
rootpw password
|