![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index e8cf0484ce7baf9dfefe62753bcc4abc89dfd75d..c5b8d7dcb42a7504c1ec287c8389aee249324c45 100644 (file)
by * read
# Access to schema information
-access to dn.subtree=""
- by dn="cn=ldapadmin,dc=gonicus,dc=de" read
+#access to dn.subtree=""
+# by * read
# The userPassword/shadow Emtries by default can be
# changed by the entry owning it if they are authenticated.
by dn="cn=terminal-admin,dc=gonicus,dc=de" write
by dn="cn=ldapadmin,dc=gonicus,dc=de" write
by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
+ by * none
access to dn.sub="ou=incoming,dc=gonicus,dc=de"
by dn="cn=terminal-admin,dc=gonicus,dc=de" write
by dn="cn=ldapadmin,dc=gonicus,dc=de" write
by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
+ by * none
# What trees should be readable, depends on your policy. Either
# use this entry and specify what should be readable, or leave
# The backend type, ldbm, is the default standard
database bdb
cachesize 5000
-checkpoint 512 720
mode 0600
# The base of your directory
suffix "dc=gonicus,dc=de"
+checkpoint 512 720
# Sample password is "tester", generate a new one using the mkpasswd
# utility and put the string after {crypt}
# Indexing
index default sub
index uid,mail eq
+index gosaSnapshotDN eq
+index gosaSnapshotTimestamp eq,sub
index gosaMailAlternateAddress,gosaMailForwardingAddress eq
index cn,sn,givenName,ou pres,eq,sub
index objectClass pres,eq
index uidNumber,gidNumber,memberuid eq
index gosaSubtreeACL,gosaObject,gosaUser pres,eq
+# Indexing for Kolab
+#index alias eq,sub
+#index kolabDeleteFlag eq
+#index kolabHomeServer eq
+#index member pres,eq
+
# Indexing for Samba 3
index sambaSID eq
index sambaPrimaryGroupSID eq
# Where the database file are physically stored
directory "/var/lib/ldap"
-# Make mods (writes entryUuid for kolab...)
+# Log modifications and write entryUUID
lastmod on