diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2007-05-29 01:20:47 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:53:00 -0500 |
| commit | 5fb459e4fa3201a3d5cbc22c5ff011bfc98a9519 (patch) | |
| tree | 7bfef694058416ed31fcce643f65b04977fcd419 /source4/setup/slapd.conf | |
| parent | b8b580dbcb0468306b89e0a37589700dee6ca7b8 (diff) | |
| download | samba-5fb459e4fa3201a3d5cbc22c5ff011bfc98a9519.tar.gz samba-5fb459e4fa3201a3d5cbc22c5ff011bfc98a9519.tar.bz2 samba-5fb459e4fa3201a3d5cbc22c5ff011bfc98a9519.zip | |
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend.
This required a new mkdir() call in ejs.
We can now provision just the schema for ad2oLschema to operate on
(with provision_schema(), without performing the whole provision, just
to wipe it again (adjustments to 'make test' to come soon).
Andrew Bartlett
(This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec)
Diffstat (limited to 'source4/setup/slapd.conf')
| -rw-r--r-- | source4/setup/slapd.conf | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf new file mode 100644 index 0000000000..a6fe73a4de --- /dev/null +++ b/source4/setup/slapd.conf @@ -0,0 +1,73 @@ +loglevel 0 + +include ${LDAPDIR}/backend-schema.schema + +pidfile ${LDAPDIR}/slapd.pid +argsfile ${LDAPDIR}/slapd.args +sasl-realm ${DNSDOMAIN} +access to * by * write + +allow update_anon + +authz-regexp + uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth + ldap:///${DOMAINDN}??sub?(samAccountName=\$1) + +authz-regexp + uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth + ldap:///${DOMAINDN}??sub?(samAccountName=\$1) + +include $modconf + +defaultsearchbase \"${DOMAINDN}\" + +backend bdb +database bdb +suffix \"cn=Schema,cn=Configuration,${DOMAINDN}\" +directory ${LDAPDIR}/db/schema +index objectClass eq +index samAccountName eq +index name eq +index objectCategory eq +index lDAPDisplayName eq +index subClassOf eq + +database bdb +suffix \"cn=Configuration,${DOMAINDN}\" +directory ${LDAPDIR}/db/config +index objectClass eq +index samAccountName eq +index name eq +index objectSid eq +index objectCategory eq +index nCName eq pres +index subClassOf eq +index dnsRoot eq +index nETBIOSName eq pres + +database bdb +suffix \"${DOMAINDN}\" +rootdn \"cn=Manager,${DOMAINDN}\" +rootpw ${LDAPMANAGERPASS} +directory ${LDAPDIR}/db/user +index objectClass eq +index samAccountName eq +index name eq +index objectSid eq +index objectCategory eq +index member eq +index uidNumber eq +index gidNumber eq +index unixName eq +index privilege eq +index nCName eq pres +index lDAPDisplayName eq +index subClassOf eq +index dnsRoot eq +index nETBIOSName eq pres + +#syncprov is stable in OpenLDAP 2.3, and available in 2.2. +#We only need this for the contextCSN attribute anyway.... +overlay syncprov +syncprov-checkpoint 100 10 +syncprov-sessionlog 100 |