entrouvert
/
slapd-supann
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity
This repository has been archived on 2023-02-21. You can view files and clone it, but cannot push or open issues or pull requests.
slapd-supann/share/config.ldif

80 lines
2.2 KiB
Plaintext
Raw Blame History

dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
olcLogLevel: none
olcServerId: 1
olcTLSCertificateFile: /etc/ldap/ssl/slapd.pem
olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.key
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}back_monitor
olcModuleLoad: {2}back_mdb
olcModuleLoad: {3}accesslog
olcModuleLoad: {4}unique
olcModuleLoad: {5}refint
olcModuleLoad: {6}constraint
olcModuleLoad: {7}syncprov
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
olcSizeLimit: 500
olcLimits: {0}* size.pr=1000 size.prtotal=unlimited
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by * break
olcRootDN: cn=admin,cn=config
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcSuffix: cn=config-accesslog
olcDbDirectory: /var/lib/ldap/config-accesslog/
# Allow reading accesslog only by root
olcAccess: {0}to *
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
by * break
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMonitorConfig
olcDatabase: {1}monitor
# Allow reading monitoring only by root
olcAccess: {0}to *
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
by * break
# Log all writes to the configuration
dn: olcOverlay={0}accesslog,olcDatabase={0}config,cn=config
objectClass: olcAccesslogConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
olcOverlay: {0}accesslog
olcAccessLogDB: cn=config-accesslog
olcAccessLogOps: writes
# log are conserved one year and purged every day
olcAccessLogPurge: 365+00:00 1+00:00
olcAccessLogOld: objectClass=olcConfig
View Git Blame Copy Permalink