# This is the main slapd configuration file. See slapd.conf(5) for more # info on the configuration options. ####################################################################### # Global Directives: # Features to permit #allow bind_v2 # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema # Schema check allows for forcing entries to # match schemas for their objectClasses's schemacheck on # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/slapd/slapd.pid # List of arguments that were passed to the server argsfile /var/run/slapd.args # Read slapd.conf(5) for possible values loglevel 256 # Where the dynamically loaded modules are stored modulepath /usr/lib/ldap moduleload back_ldbm ####################################################################### # Specific Backend Directives for lbdm: # Backend specific directives apply to this backend until another # 'backend' directive occurs backend ldbm ####################################################################### # Specific Backend Directives for 'other': # Backend specific directives apply to this backend until another # 'backend' directive occurs #backend ####################################################################### # Specific Directives for database #1, of type bdb: # Database specific directives apply to this databasse until another # 'database' directive occurs database ldbm # nastavení parametrů kvůli výkonu cachesize 10000 dbcachesize 1000000 # The base of your directory in database #1 suffix "dc={moje}, dc=cz" # Where the database file are physically stored for database #1 directory "/var/lib/ldap" # Indexing options for database #1 index objectClass eq # Indices to maintain index cn pres,sub,eq index sn pres,sub,eq ## required to support pdb_getsampwnam index uid pres,sub,eq ## required to support pdb_getsambapwrid() index displayName pres,sub,eq ## uncomment these if you are storing posixAccount and ## posixGroup entries in the directory as well index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq #index sambaGroupMapping eq index default sub # Save the time that the entry gets modified, for database #1 lastmod on replica host={bdc} binddn="cn=Replicator,dc={moje},dc=cz" bindmethod=simple credentials={replicatorove heslo} # Where to store the replica logs for database #1 replogfile /var/lib/ldap/replog # The userPassword by default can be changed # by the entry owning it if they are authenticated. # Others should not be able to see it, except the # admin entry below # These access lines apply to database #1 only access to attribute=userPassword by dn="cn=admin,dc={moje},dc=cz" write by dn="cn=Manager,dc={moje},dc=cz" write by anonymous auth by self write by * none access to attribute=sambaLMPassword,sambaNTPassword by dn="cn=Manager,dc={moje},dc=cz" write by dn="cn=Manager,dc={moje},dc=cz" read by self write by self read by * none # The admin dn has full write access access to * by dn="cn=Manager,dc={moje},dc=cz" write by * read