raw | patch | inline | side by side (parent: ea5e463)
author | opensides <opensides@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Tue, 10 Oct 2006 06:48:35 +0000 (06:48 +0000) | ||
committer | opensides <opensides@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Tue, 10 Oct 2006 06:48:35 +0000 (06:48 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4872 594d385d-05f5-0310-b6e9-bd551577e9d8
contrib/opensides/ldap/slapd.conf | [deleted file] | patch | blob | history |
diff --git a/contrib/opensides/ldap/slapd.conf b/contrib/opensides/ldap/slapd.conf
+++ /dev/null
@@ -1,232 +0,0 @@
-# This is the main ldapd configuration file. See slapd.conf(5) for more
-# info on the configuration options.
-
-##
-## NOTE: This is an example. You should use the template shipped
-## with your distribution and adapt it to your needs.
-##
-
-# Schema and objectClass definitions, depending on your
-# LDAP setup
-include /etc/ldap/schema/core.schema
-include /etc/ldap/schema/cosine.schema
-include /etc/ldap/schema/inetorgperson.schema
-include /etc/ldap/schema/openldap.schema
-include /etc/ldap/schema/nis.schema
-include /etc/ldap/schema/misc.schema
-#include /etc/ldap/schema/krb5-kdc.schema
-#include /etc/ldap/schema/trust.schema
-
-# These should be present for GOsa. In case of samba3,
-# replace samba.schema and gosa.schema by samba3.schema
-# and gosa+samba3.schema. Don't include both and remember
-# to adjust the indexing and acl stuff below!
-include /etc/ldap/schema/samba.schema
-#include /etc/ldap/schema/pureftpd.schema
-include /etc/ldap/schema/goconfig.schema
-include /etc/ldap/schema/gohard.schema
-include /etc/ldap/schema/gofon.schema
-include /etc/ldap/schema/goto.schema
-include /etc/ldap/schema/gosa+samba3.schema
-include /etc/ldap/schema/gofax.schema
-include /etc/ldap/schema/goserver.schema
-include /etc/ldap/schema/gofirewall.schema
-
-
-# These should be present for egroupware mail attributes
-#include /etc/ldap/schema/phpgwaccount.schema
-#include /etc/ldap/schema/phpgwcontact.schema
-
-# These should be present for nagios plugin to work
-#include /etc/ldap/schema/nagios.schema
-
-# Schema check allows for forcing entries to
-# match schemas for their objectClasses's
-schemacheck on
-
-# Security settings
-# Parameters: sasl, ssf, tls, transport, update_sasl, update_ssf,
-# update_tls, update_transport
-#security update_sasl=128,uptate_tls=128
-
-# Require settings
-# Paramters: none, authc, bind, LDAPv3, SASL (strong)
-#require authc, LDAPv3
-
-# Allow settings
-# Parameters: none, bind_v2, tls_2_anon, bind_anon_cred, bind_anon_dn,
-# update_anon
-allow bind_v2
-
-# Disallow settings
-# Parameters: bind_anon, bind_simple_unprotected, tls_2_anon,
-# bind_simple, bind_krbv4, tls_authc
-
-# Password hash default value
-# Parameters: {SHA}, {SMD5}, {MD4}, {CRYPT}, {CLEARTEXT}
-password-hash {CRYPT}
-
-# Search base
-defaultsearchbase dc=opensides,dc=be
-
-
-# Where clients are refered to if no
-# match is found locally
-#referral ldap://some.other.ldap.server
-
-## TLS setup, needs certificates
-#TLSCipherSuite HIGH:MEDIUM:+SSLv2
-#TLSCertificateFile /etc/ssl/certs/slapd.pem
-#TLSCertificateKeyFile /etc/ssl/certs/slapd.pem
-
-## SASL setup
-#sasl-authz-policy
-#sasl-host gosa.sweatshop.local
-#sasl-realm sweatshop.LOCAL
-#sasl-regexp cn=(.*),ou=(.*) cn=$1,ou=$2,ou=people,dc=opensides,dc=be
-#sasl-secprops noanonymous
-
-## Kerberos setup
-#srvtab /etc/krb5.keytab.ldap
-
-# Where the pid file is put. The init.d script
-# will not stop the server if you change this.
-pidfile /var/run/slapd/slapd.pid
-
-# List of arguments that were passed to the server
-argsfile /var/run/slapd.args
-
-# Read slapd.conf(5) for possible values
-#loglevel 2528
-#loglevel 384
-#loglevel 8
-
-# Where the dynamically loaded modules are stored
-modulepath /usr/lib/ldap
-moduleload back_bdb
-#moduleload back_shell
-
-# Some tuning parameters
-threads 64
-concurrency 32
-conn_max_pending 100
-conn_max_pending_auth 250
-reverse-lookup off
-sizelimit 1000
-timelimit 30
-idletimeout 30
-
-# Limits
-#limits anonymous size.soft=500 time.soft=5
-#limits user size=none time.soft=30
-
-#######################################################################
-# database definitions
-#######################################################################
-
-# The backend type, ldbm, is the default standard
-database bdb
-cachesize 5000
-checkpoint 512 720
-mode 0600
-
-# The base of your directory
-suffix "dc=opensides,dc=be"
-
-# Sample password is "tester", generate a new one using the mkpasswd
-# utility and put the string after {crypt}
-rootdn "cn=ldapadmin,dc=opensides,dc=be"
-rootpw {crypt}2wTonoD6DWM/A
-
-# Indexing
-index default sub
-index uid,mail eq
-index gosaMailAlternateAddress,gosaMailForwardingAddress eq
-index cn,sn,givenName,ou pres,eq,sub
-index objectClass pres,eq
-index uidNumber,gidNumber,memberuid eq
-index gosaSubtreeACL,gosaObject,gosaUser pres,eq
-
-# Indexing for Samba 3
-index sambaSID eq
-index sambaPrimaryGroupSID eq
-index sambaDomainName eq
-
-
-# Where the database file are physically stored
-directory "/var/lib/ldap"
-
-# Save the time that the entry gets modified
-lastmod off
-
-# The userPassword/shadow Emtries by default can be
-# changed by the entry owning it if they are authenticated.
-# Others should not be able to see it, except the admin
-# entry below
-access to attrs=userPassword,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
- by anonymous auth
- by self write
- by self read
- by * none
-
-# Deny access to imap/fax/kerberos admin passwords stored
-# in ldap tree
-access to attrs=goImapPassword
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
- by * none
-access to attrs=goKrbPassword
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
- by * none
-access to attrs=goFaxPassword
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
- by * none
-
-# Let servers write last user attribute
-access to attrs=gotoLastUser
- by * write
-
-# Samba passwords by default can be changed
-# by the entry owning it if they are authenticated.
-# Others should not be able to see it, except the
-# admin entry below
-access to attrs=sambaLmPassword,sambaNtPassword
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
- by anonymous auth
- by self write
- by self read
- by * none
-
-# Enable write create access for the terminal admin
-access to dn="ou=incoming,dc=opensides,dc=be"
- by dn="cn=terminal-admin,dc=opensides,dc=be" write
- by dn="cn=ldapadmin,dc=opensides,dc=be" write
-
-# What trees should be readable, depends on your policy. Either
-# use this entry and specify what should be readable, or leave
-# the access to * => by * read below untouched
-#access to dn="ou=(people|groups)"
-# by * read
-
-# The admin dn has full write access
-access to *
- by dn="cn=ldapadmin,dc=opensides,dc=be" =wrscx
- by * read
-
-# Example replication using admin account. This will require taking the
-# out put of this database using slapcat(8C), and then importing that into
-# the replica using slapadd(8C).
-
-# Replication setup
-#replogfile /var/log/ldap-replicalog
-#replica host=ldap-2.sweatshop.local
-# binddn="cn=replicator,dc=opensides,dc=be bindmethod=simple credentials=secret
-
-# Dummy database for config replication
-#database shell
-#suffix "dc=opensides,dc=shell"
-#search /etc/ldap/shell/process.pl
-#add /etc/ldap/shell/process.pl
-
-# End of ldapd configuration file
-