# loglevel 0 switches slapd logging off completely: binds, ACL denials and
# writes (including changes to cn=config) leave no trace in syslog.
# NOTE(review): outside a throw-away test instance, "loglevel stats" (or at
# least "none") keeps connection, bind and modification activity reviewable.
loglevel 0
### needed for initial content load ###
# "unlimited" removes the cap on entries returned per search for every client,
# not only for the provisioning load named above.
# NOTE(review): consider a finite sizelimit (or per-identity "limits") once the
# initial load has completed, so a single search cannot dump a whole subtree.
sizelimit unlimited
### Multimaster-ServerIDs and URLs ###
${MMR_SERVERIDS_CONFIG}
include ${LDAPDIR}/backend-schema.schema
pidfile ${LDAPDIR}/slapd.pid
argsfile ${LDAPDIR}/slapd.args
sasl-realm ${DNSDOMAIN}
#authz-regexp
# uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
# ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
#authz-regexp
# uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
# ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
# Map SASL DIGEST-MD5 identities onto directory entries. The pattern captures
# the uid and the realm, but the replacement that follows only uses \$1 (the
# uid), so a client presenting any realm is mapped the same way. The
# commented-out variant earlier in this file pinned the realm to ${DNSDOMAIN}.
# NOTE(review): confirm that accepting every realm is intended.
authz-regexp
uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
ldap:///cn=samba??one?(cn=\$1)
authz-regexp
uid=([^,]*),cn=([^,]*),cn=ntlm,cn=auth
ldap:///cn=samba??one?(cn=\$1)
# Peer-credential mapping for SASL EXTERNAL over the local ldapi:// socket.
# Any local process running as uid ${ADMIN_UID} (the gid is matched with .*,
# so it is not checked) becomes cn=samba-admin,cn=samba. The ACLs in this file
# give that DN "manage" on ${DOMAINDN} and "write" on cn=config, so the UNIX
# account and the socket's filesystem permissions must be protected like
# directory-administrator credentials.
authz-regexp
gidNumber=.*\\\+uidNumber=${ADMIN_UID},cn=peercred,cn=external,cn=auth
cn=samba-admin,cn=samba
# Root DSE: readable by every client, including unauthenticated ones;
# samba-admin additionally gets "manage".
access to dn.base=""
by dn=cn=samba-admin,cn=samba manage
by anonymous read
by * read
# cn=samba is where the authz-regexp rules in this file map SASL identities
# to. Anonymous clients may only authenticate against it; no other "by" clause
# is listed, so slapd's implicit trailing "by * none" applies to everyone else.
access to dn.subtree="cn=samba"
by anonymous auth
# Domain data: the "by" clauses that follow grant "manage" to samba-admin
# (plus ${REPLICATOR_ACL}) and to cn=manager, and deny everything else.
access to dn.subtree="${DOMAINDN}"
by dn=cn=samba-admin,cn=samba manage${REPLICATOR_ACL}
by dn=cn=manager manage
by * none
# {CLEARTEXT} makes slapd store userPassword values set through the Password
# Modify extended operation unhashed. Presumably this is here because the
# SASL DIGEST-MD5 mapping in this file needs the plaintext secret - confirm.
# Consequence: the database files under ${LDAPDIR}/db, their backups and any
# replication stream carry recoverable passwords. Keep those files readable
# only by the slapd account and protect replication links with TLS.
password-hash {CLEARTEXT}
defaultsearchbase ${DOMAINDN}
rootdn cn=Manager
moduleload rdnval
moduleload deref
overlay deref
moduleload refint
${REFINT_CONFIG}
moduleload memberof
${MEMBEROF_CONFIG}
moduleload syncprov
database mdb
suffix cn=Samba
directory ${LDAPDIR}/db/samba
rootdn cn=Manager,cn=Samba
########################################
## olc - configuration ###
database config
rootdn cn=config
${OLC_SYNCREPL_CONFIG}
${OLC_MMR_CONFIG}
# Write access to cn=config lets samba-admin change slapd's own configuration
# at run time. Every identity that maps to cn=samba-admin,cn=samba - including
# the peercred mapping for uid ${ADMIN_UID} in this file - is therefore
# effectively a server administrator. The replicator account may only read;
# all other identities fall through to the implicit "by * none".
access to dn.sub="cn=config"
by dn="cn=samba-admin,cn=samba" write
by dn="cn=replicator,cn=samba" read
########################################
### cn=schema ###
database mdb
suffix ${SCHEMADN}
rootdn cn=Manager,${SCHEMADN}
directory ${LDAPDIR}/db/schema
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=schema Subcontext ###
${MMR_SYNCREPL_SCHEMA_CONFIG}
${MIRRORMODE}
#########################################
### cn=config ###
database mdb
suffix ${CONFIGDN}
rootdn cn=Manager,${CONFIGDN}
directory ${LDAPDIR}/db/config
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=config Subcontext ###
${MMR_SYNCREPL_CONFIG_CONFIG}
${MIRRORMODE}
########################################
### domaindns
# Separate MDB database holding the dc=domaindnszones subtree of the domain.
database mdb
suffix dc=domaindnszones,${DOMAINDN}
# rootdn is exempt from access control on this database. No rootpw is set in
# this section, so the section itself defines no password for this DN.
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/domaindns
# Template placeholders substituted when this file is generated.
# NOTE(review): presumably a no-sync write setting and the index directives;
# confirm against the generator, since skipping syncs trades durability for speed.
${NOSYNC}
${INDEX_CONFIG}
# Upper bound of the MDB memory map in bytes (1 GiB).
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
# Keep an in-memory session log of up to 100 write operations.
syncprov-sessionlog 100
# Checkpoint contextCSN after 100 operations or 10 minutes.
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of domainDNS context ###
# Replication settings are injected here. NOTE(review): check that the
# expanded syncrepl stanza uses TLS and a dedicated bind identity, because
# this file stores passwords with password-hash {CLEARTEXT}.
${MMR_SYNCREPL_DOMAINDNS_CONFIG}
${MIRRORMODE}
########################################
### forestdns ###
# Separate MDB database holding the dc=forestdnszones subtree of the domain.
database mdb
suffix dc=forestdnszones,${DOMAINDN}
# Same rootdn as the domaindns and base-DN databases; it is exempt from access
# control on this database, and no rootpw is set in this section.
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/forestdns
# Template placeholders substituted when this file is generated.
# NOTE(review): presumably a no-sync write setting and the index directives;
# confirm against the generator.
${NOSYNC}
${INDEX_CONFIG}
# Upper bound of the MDB memory map in bytes (1 GiB).
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
# Keep an in-memory session log of up to 100 write operations.
syncprov-sessionlog 100
# Checkpoint contextCSN after 100 operations or 10 minutes.
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of forestDNS context ###
# Replication settings are injected here. NOTE(review): check that the
# expanded syncrepl stanza uses TLS and a dedicated bind identity.
${MMR_SYNCREPL_FORESTDNS_CONFIG}
${MIRRORMODE}
########################################
### cn=users /base-dn ###
database mdb
suffix ${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/user
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=user/base-dn context ###
${MMR_SYNCREPL_USER_CONFIG}
${MIRRORMODE}