| # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $ |
| # |
| # See slapd.conf(5) for details on configuration options. |
| # This file should NOT be world readable. |
| # |
| include /usr/local/etc/openldap/schema/core.schema |
| include /usr/local/etc/openldap/schema/turbine.schema |
| |
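| # Define global ACLs here to disable default read access. |
| # (None are defined at this point; the access rules in this file are set inside the database section below.) |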
| |
| # Do not enable referrals until AFTER you have a working directory |
| # service AND an understanding of referrals. |
| #referral ldap://root.openldap.org |
| |
| # Files in which slapd records its process ID and its command-line arguments. |
| pidfile /usr/local/var/slapd.pid |
| argsfile /usr/local/var/slapd.args |
| |
| # Load dynamic backend modules: |
| # modulepath /usr/local/libexec/openldap |
| # moduleload back_ldap.la |
| # moduleload back_ldbm.la |
| # moduleload back_passwd.la |
| # moduleload back_shell.la |
| |
| # |
| # Sample Access Control |
| # Allow read access of root DSE |
| # Allow self write access |
| # Allow authenticated users read access |
| # Allow anonymous users to authenticate |
| # |
| #access to dn="" by * read |
| #access to * |
| # by self write |
| # by users read |
| # by anonymous auth |
| # |
| # if no access controls are present, the default is: |
| # Allow read by all |
| # |
| # rootdn can always write! |
| |
| ####################################################################### |
| # ldbm database definitions |
| ####################################################################### |
| |
| # One ldbm-backed database holding the dc=example,dc=com tree. |
| database ldbm |
| suffix "dc=example,dc=com" |
| # The rootdn is the database superuser; slapd does not apply access |
| # controls to it. |
| rootdn "turbineUserUniqueId=turbine,dc=example,dc=com" |
| # Cleartext passwords, especially for the rootdn, should |
| # be avoided. See slappasswd(8) and slapd.conf(5) for details. |
| # Use of strong authentication encouraged. |
| # NOTE(review): the rootpw below is stored in cleartext and is the same word |
| # as the rootdn's RDN value, so it is both readable from this file and easy |
| # to guess. Replace it with a hashed value generated by slappasswd(8), e.g. |
| #   rootpw {SSHA}<hash-from-slappasswd> |
| # and keep this file non-world-readable, as the header requires. |
| rootpw turbine |
| # The database directory MUST exist prior to running slapd AND |
| # should only be accessible by the slapd/tools. Mode 700 recommended. |
| directory /usr/local/var/openldap-ldbm |
| # Indices to maintain |
| # Only an equality index on objectClass is kept. |
| index objectClass eq |
| |
| # Password attribute: the entry's owner may change it, anonymous clients may |
| # use it only to authenticate (bind), and everyone else gets no access. |
| # slapd applies the first access directive whose target matches and, within |
| # it, the first matching "by" clause, so this rule has to stay ahead of the |
| # catch-all "access to *" rule. |
| # NOTE(review): slapd never applies ACLs to the rootdn, so the explicit |
| # rootdn clause here is redundant. |
| # NOTE(review): "by anonymous auth" permits password binds and nothing in |
| # this file configures TLS - confirm that bind passwords are not sent over |
| # the network in the clear. |
| access to attr=userPassword |
| by self write |
| by anonymous auth |
| by dn="turbineUserUniqueId=turbine,dc=example,dc=com" write |
| by * none |
| |
| # Everything else: owners may modify their own entry and authenticated users |
| # may read. Anonymous clients get nothing, because every access directive |
| # ends with an implicit "by * none". |
| # NOTE(review): "by self write" covers every attribute of the user's own |
| # entry. If the turbine schema keeps role or permission data on the user |
| # entry, narrow this rule to specific attributes - confirm against the schema. |
| access to * |
| by self write |
| by dn="turbineUserUniqueId=turbine,dc=example,dc=com" write |
| by users read |
| |