source: companies/celepar/doc-expressolivre/rhel5-centos5/arqs-conf-rhel5/etc/openldap/slapd.conf @ 763

Revision 763, 4.3 KB checked in by niltonneto, 15 years ago (diff)

Importação inicial do Expresso da Celepar

Line 
1#
2# See slapd.conf(5) for details on configuration options.
3# This file should NOT be world readable.
4#
5
6#######################################################################
7# Global Directives:
8sizelimit -1
9timelimit -1
10threads 16
11
12# Schema and objectClass definitions
13include         /etc/openldap/schema/core.schema
14include         /etc/openldap/schema/cosine.schema
15include         /etc/openldap/schema/inetorgperson.schema
16include         /etc/openldap/schema/nis.schema
17include         /etc/openldap/schema/qmailuser.schema
18include         /etc/openldap/schema/phpgwaccount.schema
19include         /etc/openldap/schema/samba.schema
20include         /etc/openldap/schema/phpgwcontact.schema
21
22# Schema check allows for forcing entries to
23# match schemas for their objectClasses's
24schemacheck     on
25
26# Read slapd.conf(5) for possible values
27loglevel        0
28
29checkpoint 512 30
30
31# Allow LDAPv2 client connections.  This is NOT the default.
32allow bind_v2
33
34# Do not enable referrals until AFTER you have a working directory
35# service AND an understanding of referrals.
36#referral       ldap://root.openldap.org
37
38pidfile         /var/run/openldap/slapd.pid
39argsfile        /var/run/openldap/slapd.args
40
41# Load dynamic backend modules:
42# modulepath    /usr/lib/openldap
43# moduleload    back_bdb.la
44# moduleload    back_ldap.la
45# moduleload    back_ldbm.la
46# moduleload    back_passwd.la
47# moduleload    back_shell.la
48
49# The next three lines allow use of TLS for encrypting connections using a
50# dummy test certificate which you can generate by changing to
51# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on
52# slapd.pem so that the ldap user or group can read it.  Your client software
53# may balk at self-signed certificates, however.
54# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
55# TLSCertificateFile /etc/pki/tls/certs/slapd.pem
56# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem
57
58# Sample security restrictions
59#       Require integrity protection (prevent hijacking)
60#       Require 112-bit (3DES or better) encryption for updates
61#       Require 63-bit encryption for simple bind
62# security ssf=1 update_ssf=112 simple_bind=64
63
64# Sample access control policy:
65#       Root DSE: allow anyone to read it
66#       Subschema (sub)entry DSE: allow anyone to read it
67#       Other DSEs:
68#               Allow self write access
69#               Allow authenticated users read access
70#               Allow anonymous users to authenticate
71#       Directives needed to implement policy:
72# access to dn.base="" by * read
73# access to dn.base="cn=Subschema" by * read
74# access to *
75#       by self write
76#       by users read
77#       by anonymous auth
78#
79# if no access controls are present, the default policy
80# allows anyone and everyone to read anything but restricts
81# updates to rootdn.  (e.g., "access to * by * read")
82#
83# rootdn can always read and write EVERYTHING!
84
85#######################################################################
86# ldbm and/or bdb database definitions
87#######################################################################
88
89database        bdb
90suffix          "LDAP_DN"
91rootdn          "cn=admin,LDAP_DN"
92# Cleartext passwords, especially for the rootdn, should
93# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
94# Use of strong authentication encouraged.
95rootpw          LDAP_PWD_MD5
96
97# The database directory MUST exist prior to running slapd AND
98# should only be accessible by the slapd and slap tools.
99# Mode 700 recommended.
100directory       /var/lib/ldap
101
102# Indices to maintain for this database
103#index objectClass                       eq,pres
104#index ou,cn,mail,surname,givenname      eq,pres,sub
105#index uidNumber,gidNumber,loginShell    eq,pres
106#index uid,memberUid                     eq,pres,sub
107#index nisMapName,nisMapEntry            eq,pres,sub
108
109# Indexing options for database #1
110index   mail,mailAlternateAddress,objectClass,memberUid,uidNumber,deliveryMode,accountStatus,phpgwAccountType,gidNumber,phpgwAccountStatus,ou pres,eq
111index   uid,cn,sn,givenName pres,eq,sub
112
113# Save the time that the entry gets modified, for database #1
114lastmod         on
115
116#access to attrs=userPassword
117#        by dn="cn=admin,LDAP_DN" write
118#        by anonymous auth
119#        by self write
120#        by * none
121#
122#access to dn.base="" by * read
123#
124#access to *
125#        by dn="cn=admin,LDAP_DN" write
126#        by * read
127
128# Replicas of this database
129#replogfile /var/lib/ldap/openldap-master-replog
130#replica host=ldap-1.example.com:389 starttls=critical
131#     bindmethod=sasl saslmech=GSSAPI
132#     authcId=host/ldap-master.example.com@EXAMPLE.COM
Note: See TracBrowser for help on using the repository browser.