From b76f383eefe961e8a2f42ac782031e3e09ff7192 Mon Sep 17 00:00:00 2001 From: Oliver Liebel Date: Mon, 8 Sep 2008 14:39:54 +1000 Subject: Use DIGEST-MD5 authentication for OpenLDAP replication This avoids passing rootdn passwords or replicated data in cleartext across the network. Signed-of-by: Andrew Bartlett (This used to be commit 67373c143a1d8a9f310fd116dbf81c1dd123b75f) --- source4/setup/slapd.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source4/setup/slapd.conf') diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf index 141c0cd27a..b64d581e0d 100644 --- a/source4/setup/slapd.conf +++ b/source4/setup/slapd.conf @@ -1,5 +1,8 @@ loglevel 0 +### needed for initial content load ### +sizelimit unlimited + ### Multimaster-ServerIDs and URLs ### ${MMR_SERVERIDS_CONFIG} @@ -36,7 +39,7 @@ access to dn.subtree="cn=samba" by anonymous auth access to dn.subtree="${DOMAINDN}" - by dn=cn=samba-admin,cn=samba manage + by dn=cn=samba-admin,cn=samba manage${REPLICATOR_ACL} by dn=cn=manager manage by * none @@ -62,7 +65,6 @@ rootdn cn=Manager,cn=Samba database hdb suffix ${SCHEMADN} rootdn cn=Manager,${SCHEMADN} -rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/schema index objectClass eq index samAccountName eq @@ -89,7 +91,6 @@ ${MIRRORMODE} database hdb suffix ${CONFIGDN} rootdn cn=Manager,${CONFIGDN} -rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/config index objectClass eq index samAccountName eq @@ -118,7 +119,6 @@ ${MIRRORMODE} database hdb suffix ${DOMAINDN} rootdn cn=Manager,${DOMAINDN} -rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/user index objectClass eq index samAccountName eq -- cgit