1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
samba-mirror/source4/setup/slapd.conf
Howard Chu 31ca4fc674 OpenLDAP provisioning tweaks
Remove BerkeleyDB-specific setup.
Streamline cn=samba partition initialization - allow any backend type for it.
Use back-mdb instead of back-ldif for cn=samba partition

Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>

Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Wed Sep 18 21:39:51 CEST 2013 on sn-devel-104
2013-09-18 21:39:51 +02:00

195 lines
4.3 KiB
Plaintext

loglevel 0
### needed for initial content load ###
sizelimit unlimited
### Multimaster-ServerIDs and URLs ###
${MMR_SERVERIDS_CONFIG}
include ${LDAPDIR}/backend-schema.schema
pidfile ${LDAPDIR}/slapd.pid
argsfile ${LDAPDIR}/slapd.args
sasl-realm ${DNSDOMAIN}
#authz-regexp
# uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
# ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
#authz-regexp
# uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
# ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
authz-regexp
uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
ldap:///cn=samba??one?(cn=\$1)
authz-regexp
uid=([^,]*),cn=([^,]*),cn=ntlm,cn=auth
ldap:///cn=samba??one?(cn=\$1)
authz-regexp
gidNumber=.*\\\+uidNumber=${ADMIN_UID},cn=peercred,cn=external,cn=auth
cn=samba-admin,cn=samba
access to dn.base=""
by dn=cn=samba-admin,cn=samba manage
by anonymous read
by * read
access to dn.subtree="cn=samba"
by anonymous auth
access to dn.subtree="${DOMAINDN}"
by dn=cn=samba-admin,cn=samba manage${REPLICATOR_ACL}
by dn=cn=manager manage
by * none
password-hash {CLEARTEXT}
defaultsearchbase ${DOMAINDN}
rootdn cn=Manager
moduleload rdnval
moduleload deref
overlay deref
moduleload refint
${REFINT_CONFIG}
moduleload memberof
${MEMBEROF_CONFIG}
moduleload syncprov
database mdb
suffix cn=Samba
directory ${LDAPDIR}/db/samba
rootdn cn=Manager,cn=Samba
########################################
## olc - configuration ###
database config
rootdn cn=config
${OLC_SYNCREPL_CONFIG}
${OLC_MMR_CONFIG}
access to dn.sub="cn=config"
by dn="cn=samba-admin,cn=samba" write
by dn="cn=replicator,cn=samba" read
########################################
### cn=schema ###
database mdb
suffix ${SCHEMADN}
rootdn cn=Manager,${SCHEMADN}
directory ${LDAPDIR}/db/schema
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=schema Subcontext ###
${MMR_SYNCREPL_SCHEMA_CONFIG}
${MIRRORMODE}
#########################################
### cn=config ###
database mdb
suffix ${CONFIGDN}
rootdn cn=Manager,${CONFIGDN}
directory ${LDAPDIR}/db/config
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=config Subcontext ###
${MMR_SYNCREPL_CONFIG_CONFIG}
${MIRRORMODE}
########################################
### domaindns
database mdb
suffix dc=domaindnszones,${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/domaindns
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of domainDNS context ###
${MMR_SYNCREPL_DOMAINDNS_CONFIG}
${MIRRORMODE}
########################################
### forestdns ###
database mdb
suffix dc=forestdnszones,${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/forestdns
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of forestDNS context ###
${MMR_SYNCREPL_FORESTDNS_CONFIG}
${MIRRORMODE}
########################################
### cn=users /base-dn ###
database mdb
suffix ${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/user
${NOSYNC}
${INDEX_CONFIG}
maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10
overlay rdnval
### Multimaster-Replication of cn=user/base-dn context ###
${MMR_SYNCREPL_USER_CONFIG}
${MIRRORMODE}