mirror of
https://github.com/samba-team/samba.git
synced 2025-01-17 02:05:21 +03:00
d7299d82c3
Instead of using an include file, put the generated configurationd directly into slapd.conf. Andrew Bartlett (This used to be commit 95ac786136aebfe5ededeb3fb81cbd4e296e3988)
92 lines
2.0 KiB
Plaintext
92 lines
2.0 KiB
Plaintext
loglevel 0
|
|
|
|
include ${LDAPDIR}/backend-schema.schema
|
|
|
|
pidfile ${LDAPDIR}/slapd.pid
|
|
argsfile ${LDAPDIR}/slapd.args
|
|
sasl-realm ${DNSDOMAIN}
|
|
access to * by * write
|
|
|
|
allow update_anon
|
|
|
|
authz-regexp
|
|
uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
|
|
ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
|
|
|
|
authz-regexp
|
|
uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
|
|
ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
|
|
|
|
include ${LDAPDIR}/modules.conf
|
|
|
|
defaultsearchbase ${DOMAINDN}
|
|
|
|
${MEMBEROF_CONFIG}
|
|
|
|
database hdb
|
|
suffix ${SCHEMADN}
|
|
directory ${LDAPDIR}/db/schema
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectCategory eq
|
|
index lDAPDisplayName eq
|
|
index subClassOf eq
|
|
index cn eq
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|
|
|
|
database hdb
|
|
suffix ${CONFIGDN}
|
|
directory ${LDAPDIR}/db/config
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectSid eq
|
|
index objectCategory eq
|
|
index nCName eq
|
|
index subClassOf eq
|
|
index dnsRoot eq
|
|
index nETBIOSName eq
|
|
index cn eq
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|
|
|
|
database hdb
|
|
suffix ${DOMAINDN}
|
|
directory ${LDAPDIR}/db/user
|
|
index objectClass eq
|
|
index samAccountName eq
|
|
index name eq
|
|
index objectSid eq
|
|
index objectCategory eq
|
|
index member eq
|
|
index uidNumber eq
|
|
index gidNumber eq
|
|
index unixName eq
|
|
index privilege eq
|
|
index nCName eq
|
|
index lDAPDisplayName eq
|
|
index subClassOf eq
|
|
index dnsRoot eq
|
|
index nETBIOSName eq
|
|
index cn eq
|
|
|
|
rootdn ${LDAPMANAGERDN}
|
|
rootpw ${LDAPMANAGERPASS}
|
|
|
|
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
|
|
#We only need this for the contextCSN attribute anyway....
|
|
overlay syncprov
|
|
syncprov-checkpoint 100 10
|
|
syncprov-sessionlog 100
|
|
|