slapd-whoami.conf   [plain text]


# master slapd config -- for testing
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2011 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

include		@SCHEMADIR@/core.schema
include		@SCHEMADIR@/cosine.schema
include		@SCHEMADIR@/inetorgperson.schema
include		@SCHEMADIR@/openldap.schema
include		@SCHEMADIR@/nis.schema
pidfile		@TESTDIR@/slapd.1.pid
argsfile	@TESTDIR@/slapd.1.args

#mod#modulepath	../servers/slapd/back-@BACKEND@/
#mod#moduleload	back_@BACKEND@.la
#monitormod#modulepath ../servers/slapd/back-monitor/
#monitormod#moduleload back_monitor.la

#######################################################################
# database definitions
#######################################################################

authz-policy	both
authz-regexp	"^uid=group/([^,]+),.*" "ldap:///dc=example,dc=com??sub?cn=$1"
authz-regexp	"^uid=([^,]+),.*" "ldap:///dc=example,dc=com??sub?uid=$1"

#
# normal installations should protect root dse,
# cn=monitor, cn=schema, and cn=config
#

access to attrs=authzFrom,authzTo
	by * auth

access to attrs=userpassword
	by anonymous auth
	by self write

access to *
	by self write
	by * read

database	@BACKEND@

suffix		"dc=example,dc=com"
rootdn		"cn=Manager,dc=example,dc=com"
rootpw		secret
#~null~#directory	@TESTDIR@/db.1.a
#indexdb#index		objectClass	eq
#indexdb#index		cn,sn,uid	pres,eq,sub
#ndb#dbname db_1
#ndb#include @DATADIR@/ndb.conf

#monitor#database	monitor