Tree - rpms/openldap - CentOS Git server

mrc0mmand / rpms / openldap

Forked from rpms/openldap 3 years ago

Source
Stats

Blame SOURCES/slapd.ldif

Blob History Raw

		57672d	`#`
		57672d	`# See slapd-config(5) for details on configuration options.`
		57672d	`# This file should NOT be world readable.`
		57672d	`#`
		57672d
		57672d	`dn: cn=config`
		57672d	`objectClass: olcGlobal`
		57672d	`cn: config`
		57672d	`#`
		57672d	`# TLS settings`
		57672d	`#`
		57672d	`# When no CA certificates are specified the Shared System Certificates`
		57672d	`# are in use. In order to have these available along with the ones specified`
		57672d	`# by oclTLSCACertificatePath one has to include them explicitly:`
		57672d	`#olcTLSCACertificateFile: /etc/pki/tls/cert.pem`
		57672d	`#`
		57672d	`# Private cert and key are not pregenerated.`
		57672d	`#olcTLSCertificateFile:`
		57672d	`#olcTLSCertificateKeyFile:`
		57672d	`#`
		57672d	`# System-wide Crypto Policies provide up to date cipher suite which should`
		57672d	`# be used unless one needs a finer grinded selection of ciphers. Hence, the`
		57672d	`# PROFILE=SYSTEM value represents the default behavior which is in place`
		57672d	`# when no explicit setting is used. (see openssl-ciphers(1) for more info)`
		57672d	`#olcTLSCipherSuite: PROFILE=SYSTEM`
		57672d
		57672d
		57672d	`#`
		57672d	`# Do not enable referrals until AFTER you have a working directory`
		57672d	`# service AND an understanding of referrals.`
		57672d	`#`
		57672d	`#olcReferral: ldap://root.openldap.org`
		57672d	`#`
		57672d	`# Sample security restrictions`
		57672d	`# Require integrity protection (prevent hijacking)`
		57672d	`# Require 112-bit (3DES or better) encryption for updates`
		57672d	`# Require 64-bit encryption for simple bind`
		57672d	`#`
		57672d	`#olcSecurity: ssf=1 update_ssf=112 simple_bind=64`
		57672d
		57672d
		57672d	`#`
		57672d	`# Load dynamic backend modules:`
		57672d	`# - modulepath is architecture dependent value (32/64-bit system)`
		57672d	`# - back_sql.la backend requires openldap-servers-sql package`
		57672d	`# - dyngroup.la and dynlist.la cannot be used at the same time`
		57672d	`#`
		57672d
		57672d	`#dn: cn=module,cn=config`
		57672d	`#objectClass: olcModuleList`
		57672d	`#cn: module`
		57672d	`#olcModulepath: /usr/lib/openldap`
		57672d	`#olcModulepath: /usr/lib64/openldap`
		57672d	`#olcModuleload: accesslog.la`
		57672d	`#olcModuleload: auditlog.la`
		57672d	`#olcModuleload: back_dnssrv.la`
		57672d	`#olcModuleload: back_ldap.la`
		57672d	`#olcModuleload: back_mdb.la`
		57672d	`#olcModuleload: back_meta.la`
		57672d	`#olcModuleload: back_null.la`
		57672d	`#olcModuleload: back_passwd.la`
		57672d	`#olcModuleload: back_relay.la`
		57672d	`#olcModuleload: back_shell.la`
		57672d	`#olcModuleload: back_sock.la`
		57672d	`#olcModuleload: collect.la`
		57672d	`#olcModuleload: constraint.la`
		57672d	`#olcModuleload: dds.la`
		57672d	`#olcModuleload: deref.la`
		57672d	`#olcModuleload: dyngroup.la`
		57672d	`#olcModuleload: dynlist.la`
		57672d	`#olcModuleload: memberof.la`
		57672d	`#olcModuleload: pcache.la`
		57672d	`#olcModuleload: ppolicy.la`
		57672d	`#olcModuleload: refint.la`
		57672d	`#olcModuleload: retcode.la`
		57672d	`#olcModuleload: rwm.la`
		57672d	`#olcModuleload: seqmod.la`
		57672d	`#olcModuleload: smbk5pwd.la`
		57672d	`#olcModuleload: sssvlv.la`
		57672d	`#olcModuleload: syncprov.la`
		57672d	`#olcModuleload: translucent.la`
		57672d	`#olcModuleload: unique.la`
		57672d	`#olcModuleload: valsort.la`
		57672d
		57672d
		57672d	`#`
		57672d	`# Schema settings`
		57672d	`#`
		57672d
		57672d	`dn: cn=schema,cn=config`
		57672d	`objectClass: olcSchemaConfig`
		57672d	`cn: schema`
		57672d
		57672d	`include: file:///etc/openldap/schema/core.ldif`
		57672d
		57672d	`#`
		57672d	`# Frontend settings`
		57672d	`#`
		57672d
		57672d	`dn: olcDatabase=frontend,cn=config`
		57672d	`objectClass: olcDatabaseConfig`
		57672d	`olcDatabase: frontend`
		57672d	`#`
		57672d	`# Sample global access control policy:`
		57672d	`# Root DSE: allow anyone to read it`
		57672d	`# Subschema (sub)entry DSE: allow anyone to read it`
		57672d	`# Other DSEs:`
		57672d	`# Allow self write access`
		57672d	`# Allow authenticated users read access`
		57672d	`# Allow anonymous users to authenticate`
		57672d	`#`
		57672d	`#olcAccess: to dn.base="" by * read`
		57672d	`#olcAccess: to dn.base="cn=Subschema" by * read`
		57672d	`#olcAccess: to *`
		57672d	`# by self write`
		57672d	`# by users read`
		57672d	`# by anonymous auth`
		57672d	`#`
		57672d	`# if no access controls are present, the default policy`
		57672d	`# allows anyone and everyone to read anything but restricts`
		57672d	`# updates to rootdn. (e.g., "access to * by * read")`
		57672d	`#`
		57672d	`# rootdn can always read and write EVERYTHING!`
		57672d	`#`
		57672d
		57672d	`#`
		57672d	`# Configuration database`
		57672d	`#`
		57672d
		57672d	`dn: olcDatabase=config,cn=config`
		57672d	`objectClass: olcDatabaseConfig`
		57672d	`olcDatabase: config`
		57672d	`olcAccess: to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,c`
		57672d	`n=auth" manage by * none`
		57672d
		57672d	`#`
		57672d	`# Server status monitoring`
		57672d	`#`
		57672d
		57672d	`dn: olcDatabase=monitor,cn=config`
		57672d	`objectClass: olcDatabaseConfig`
		57672d	`olcDatabase: monitor`
		57672d	`olcAccess: to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,c`
		57672d	`n=auth" read by dn.base="cn=Manager,dc=my-domain,dc=com" read by * none`
		57672d
		57672d	`#`
		57672d	`# Backend database definitions`
		57672d	`#`
		57672d
		57672d	`dn: olcDatabase=mdb,cn=config`
		57672d	`objectClass: olcDatabaseConfig`
		57672d	`objectClass: olcMdbConfig`
		57672d	`olcDatabase: mdb`
		57672d	`olcSuffix: dc=my-domain,dc=com`
		57672d	`olcRootDN: cn=Manager,dc=my-domain,dc=com`
		57672d	`olcDbDirectory: /var/lib/ldap`
		57672d	`olcDbIndex: objectClass eq,pres`
		57672d	`olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub`

mrc0mmand / rpms / openldap

Source Code

Blame SOURCES/slapd.ldif