mirror of
https://github.com/samba-team/samba.git
synced 2025-01-26 10:04:02 +03:00
958b0e8ad1
This module needs to be loaded on each database, not just the main partition. We use it to create the usn for the entries. Andrew Bartlett (This used to be commit ffb12aad8a80bb90d66dc66baba81b856622a6bb)
90 lines
2.0 KiB
Plaintext
90 lines
2.0 KiB
Plaintext
loglevel 0
|
|
|
|
include ${LDAPDIR}/backend-schema.schema
|
|
|
|
pidfile ${LDAPDIR}/slapd.pid
|
|
argsfile ${LDAPDIR}/slapd.args
|
|
sasl-realm ${DNSDOMAIN}
|
|
access to * by * write
|
|
|
|
allow update_anon
|
|
|
|
authz-regexp
|
|
uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
|
|
ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
|
|
|
|
authz-regexp
|
|
uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
|
|
ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
|
|
|
|
include ${LDAPDIR}/modules.conf
|
|
|
|
defaultsearchbase ${DOMAINDN}
|
|
|
|
include ${LDAPDIR}/memberof.conf
|
|
|
|
database hdb
|
|
suffix ${SCHEMADN}
|
|
directory ${LDAPDIR}/db/schema
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectCategory eq
|
|
index lDAPDisplayName eq
|
|
index subClassOf eq
|
|
index cn eq
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|
|
|
|
database hdb
|
|
suffix ${CONFIGDN}
|
|
directory ${LDAPDIR}/db/config
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectSid eq
|
|
index objectCategory eq
|
|
index nCName eq
|
|
index subClassOf eq
|
|
index dnsRoot eq
|
|
index nETBIOSName eq
|
|
index cn eq
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|
|
|
|
database hdb
|
|
suffix ${DOMAINDN}
|
|
rootdn ${LDAPMANAGERDN}
|
|
rootpw ${LDAPMANAGERPASS}
|
|
directory ${LDAPDIR}/db/user
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectSid eq
|
|
index objectCategory eq
|
|
index member eq
|
|
index uidNumber eq
|
|
index gidNumber eq
|
|
index unixName eq
|
|
index privilege eq
|
|
index nCName eq
|
|
index lDAPDisplayName eq
|
|
index subClassOf eq
|
|
index dnsRoot eq
|
|
index nETBIOSName eq
|
|
index cn eq
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|