Add missing config.ldif
This commit is contained in:
parent
da504db847
commit
cf6223f759
|
@ -0,0 +1,76 @@
|
|||
dn: cn=config
|
||||
objectClass: olcGlobal
|
||||
cn: config
|
||||
olcArgsFile: /var/run/slapd/slapd.args
|
||||
olcPidFile: /var/run/slapd/slapd.pid
|
||||
olcToolThreads: 1
|
||||
olcLogLevel: none
|
||||
olcServerId: 1
|
||||
|
||||
dn: cn=module{0},cn=config
|
||||
objectClass: olcModuleList
|
||||
cn: module{0}
|
||||
olcModulePath: /usr/lib/ldap
|
||||
olcModuleLoad: {0}back_hdb
|
||||
olcModuleLoad: {1}back_monitor
|
||||
olcModuleLoad: {2}back_mdb
|
||||
olcModuleLoad: {3}accesslog
|
||||
olcModuleLoad: {4}unique
|
||||
olcModuleLoad: {5}refint
|
||||
olcModuleLoad: {6}constraint
|
||||
olcModuleLoad: {7}syncprov
|
||||
|
||||
dn: cn=schema,cn=config
|
||||
objectClass: olcSchemaConfig
|
||||
cn: schema
|
||||
|
||||
dn: olcDatabase={-1}frontend,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
objectClass: olcFrontendConfig
|
||||
olcDatabase: {-1}frontend
|
||||
olcAccess: {0}to *
|
||||
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
|
||||
by * break
|
||||
olcAccess: {1}to dn.exact="" by * read
|
||||
olcAccess: {2}to dn.base="cn=Subschema" by * read
|
||||
olcSizeLimit: 500
|
||||
|
||||
dn: olcDatabase={0}config,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
olcDatabase: {0}config
|
||||
olcAccess: {0}to *
|
||||
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
|
||||
by * break
|
||||
olcRootDN: cn=admin,cn=config
|
||||
|
||||
dn: olcDatabase={1}mdb,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
objectClass: olcMdbConfig
|
||||
olcSuffix: cn=config-accesslog
|
||||
olcDbDirectory: /var/lib/ldap/config-accesslog/
|
||||
# Allow reading accesslog only by root
|
||||
olcAccess: {0}to *
|
||||
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
|
||||
by * break
|
||||
|
||||
dn: olcDatabase={1}monitor,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
objectClass: olcMonitorConfig
|
||||
olcDatabase: {1}monitor
|
||||
# Allow reading monitoring only by root
|
||||
olcAccess: {0}to *
|
||||
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
|
||||
by * break
|
||||
|
||||
# Log all writes to the configuration
|
||||
dn: olcOverlay={0}accesslog,olcDatabase={0}config,cn=config
|
||||
objectClass: olcAccesslogConfig
|
||||
objectClass: olcOverlayConfig
|
||||
objectClass: olcConfig
|
||||
objectClass: top
|
||||
olcOverlay: {0}accesslog
|
||||
olcAccessLogDB: cn=config-accesslog
|
||||
olcAccessLogOps: writes
|
||||
# log are conserved one year and purged every day
|
||||
olcAccessLogPurge: 365+00:00 1+00:00
|
||||
olcAccessLogOld: objectClass=olcConfig
|
|
@ -1,42 +0,0 @@
|
|||
modify cn=module{0},cn=config
|
||||
replace: olcServerId
|
||||
: 1
|
||||
add: olcModuleLoad
|
||||
: back_monitor
|
||||
: back_mdb
|
||||
: accesslog
|
||||
: unique
|
||||
: refint
|
||||
: constraint
|
||||
: syncprov
|
||||
|
||||
# *FIXME: configure olsTLSCipherSuite pour interdire SSL 3.0
|
||||
# config accesslog
|
||||
add: olcDatabase={1}mdb,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
objectClass: olcMdbConfig
|
||||
olcSuffix: cn=config-accesslog
|
||||
olcDbDirectory: /var/lib/ldap/config-accesslog/
|
||||
# Allow reading accesslog only by root
|
||||
olcAccess: {0}to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by * break
|
||||
|
||||
add: olcDatabase={1}monitor,cn=config
|
||||
objectClass: olcDatabaseConfig
|
||||
objectClass: olcMonitorConfig
|
||||
olcDatabase: {1}monitor
|
||||
# Allow reading monitoring only by root
|
||||
olcAccess: {0}to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by * break
|
||||
|
||||
# Log all writes to the configuration
|
||||
add: olcOverlay={0}accesslog,olcDatabase={0}config,cn=config
|
||||
objectClass: olcAccesslogConfig
|
||||
objectClass: olcOverlayConfig
|
||||
objectClass: olcConfig
|
||||
objectClass: top
|
||||
olcOverlay: {0}accesslog
|
||||
olcAccessLogDB: cn=config-accesslog
|
||||
olcAccessLogOps: writes
|
||||
# log are conserved one year and purged every day
|
||||
olcAccessLogPurge: 365+00:00 1+00:00
|
||||
olcAccessLogOld: objectClass=olcConfig
|
||||
|
Reference in New Issue