source: sandbox/2.3-MailArchiver/doc-expressolivre/rhel5-centos5/arqs-conf-rhel5/etc/openldap/slapd.conf @ 6779

Revision 6779, 4.4 KB checked in by rafaelraymundo, 12 years ago (diff)

Ticket #2946 - Liberado Expresso(branch 2.3) integrado ao MailArchiver?.
Line 
1#
2# See slapd.conf(5) for details on configuration options.
3# This file should NOT be world readable.
4#
5
6#######################################################################
7# Global Directives:
8sizelimit -1
9timelimit -1
10threads 16
11
12# Schema and objectClass definitions
13include         /etc/openldap/schema/core.schema
14include         /etc/openldap/schema/cosine.schema
15include         /etc/openldap/schema/inetorgperson.schema
16include         /etc/openldap/schema/nis.schema
17include         /etc/openldap/schema/qmailuser.schema
18include         /etc/openldap/schema/phpgwaccount.schema
19include         /etc/openldap/schema/samba.schema
20include         /etc/openldap/schema/phpgwcontact.schema
21include         /etc/openldap/schema/phpgwquotacontrolled.schema
22
23# Schema check allows for forcing entries to
24# match schemas for their objectClasses's
25schemacheck     on
26
27# Read slapd.conf(5) for possible values
28loglevel        0
29
30checkpoint 512 30
31
32# Allow LDAPv2 client connections.  This is NOT the default.
33allow bind_v2
34
35# Do not enable referrals until AFTER you have a working directory
36# service AND an understanding of referrals.
37#referral       ldap://root.openldap.org
38
39pidfile         /var/run/openldap/slapd.pid
40argsfile        /var/run/openldap/slapd.args
41
42# Load dynamic backend modules:
43# modulepath    /usr/lib/openldap
44# moduleload    back_bdb.la
45# moduleload    back_ldap.la
46# moduleload    back_ldbm.la
47# moduleload    back_passwd.la
48# moduleload    back_shell.la
49
50# The next three lines allow use of TLS for encrypting connections using a
51# dummy test certificate which you can generate by changing to
52# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on
53# slapd.pem so that the ldap user or group can read it.  Your client software
54# may balk at self-signed certificates, however.
55# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
56# TLSCertificateFile /etc/pki/tls/certs/slapd.pem
57# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem
58
59# Sample security restrictions
60#       Require integrity protection (prevent hijacking)
61#       Require 112-bit (3DES or better) encryption for updates
62#       Require 63-bit encryption for simple bind
63# security ssf=1 update_ssf=112 simple_bind=64
64
65# Sample access control policy:
66#       Root DSE: allow anyone to read it
67#       Subschema (sub)entry DSE: allow anyone to read it
68#       Other DSEs:
69#               Allow self write access
70#               Allow authenticated users read access
71#               Allow anonymous users to authenticate
72#       Directives needed to implement policy:
73# access to dn.base="" by * read
74# access to dn.base="cn=Subschema" by * read
75# access to *
76#       by self write
77#       by users read
78#       by anonymous auth
79#
80# if no access controls are present, the default policy
81# allows anyone and everyone to read anything but restricts
82# updates to rootdn.  (e.g., "access to * by * read")
83#
84# rootdn can always read and write EVERYTHING!
85
86#######################################################################
87# ldbm and/or bdb database definitions
88#######################################################################
89
90database        bdb
91suffix          "LDAP_DN"
92rootdn          "cn=admin,LDAP_DN"
93# Cleartext passwords, especially for the rootdn, should
94# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
95# Use of strong authentication encouraged.
96rootpw          LDAP_PWD_MD5
97
98# The database directory MUST exist prior to running slapd AND
99# should only be accessible by the slapd and slap tools.
100# Mode 700 recommended.
101directory       /var/lib/ldap
102
103# Indices to maintain for this database
104#index objectClass                       eq,pres
105#index ou,cn,mail,surname,givenname      eq,pres,sub
106#index uidNumber,gidNumber,loginShell    eq,pres
107#index uid,memberUid                     eq,pres,sub
108#index nisMapName,nisMapEntry            eq,pres,sub
109
110# Indexing options for database #1
111index   mail,mailAlternateAddress,objectClass,memberUid,uidNumber,deliveryMode,accountStatus,phpgwAccountType,gidNumber,phpgwAccountStatus,ou pres,eq
112index   uid,cn,sn,givenName pres,eq,sub
113
114# Save the time that the entry gets modified, for database #1
115lastmod         on
116
117#access to attrs=userPassword
118#        by dn="cn=admin,LDAP_DN" write
119#        by anonymous auth
120#        by self write
121#        by * none
122#
123#access to dn.base="" by * read
124#
125#access to *
126#        by dn="cn=admin,LDAP_DN" write
127#        by * read
128
129# Replicas of this database
130#replogfile /var/lib/ldap/openldap-master-replog
131#replica host=ldap-1.example.com:389 starttls=critical
132#     bindmethod=sasl saslmech=GSSAPI
133#     authcId=host/ldap-master.example.com@EXAMPLE.COM
Note: See TracBrowser for help on using the repository browser.