Начало Каталог Помощ
Регистрация Вход
tomi
/
docker-ldap-server
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
ИН на ревизия: e896bdf51c
Клонове Маркери
docker-ldap-ser...
/
slapd.d
/
slapd.conf

slapd.conf 2.2 KB
История Директен файл

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. #
    2. 

  2. # See slapd.conf(5) for details on configuration options.
    3. 

  3. # This file should NOT be world readable.
    4. 

  4. #
    5. 

  5. include		/etc/openldap/schema/core.schema
    6. 

  6. 

  7. # Define global ACLs to disable default read access.
    8. 

  8. 

  9. # Do not enable referrals until AFTER you have a working directory
    10. 

  10. # service AND an understanding of referrals.
    11. 

  11. #referral	ldap://root.openldap.org
    12. 

  12. 

  13. # If you change this, adjust pidfile path also in runscript!
    14. 

  14. pidfile		/run/openldap/slapd.pid
    15. 

  15. argsfile	/run/openldap/slapd.args
    16. 

  16. 

  17. # Load dynamic backend modules:
    18. 

  18. modulepath	/usr/lib/openldap
    19. 

  19. moduleload	back_mdb.so
    20. 

  20. # moduleload	back_hdb.so
    21. 

  21. # moduleload	back_bbd.so
    22. 

  22. # moduleload	back_ldap.so
    23. 

  23. 

  24. # Sample security restrictions
    25. 

  25. #	Require integrity protection (prevent hijacking)
    26. 

  26. #	Require 112-bit (3DES or better) encryption for updates
    27. 

  27. #	Require 63-bit encryption for simple bind
    28. 

  28. # security ssf=1 update_ssf=112 simple_bind=64
    29. 

  29. 

  30. # Sample access control policy:
    31. 

  31. #	Root DSE: allow anyone to read it
    32. 

  32. #	Subschema (sub)entry DSE: allow anyone to read it
    33. 

  33. #	Other DSEs:
    34. 

  34. #		Allow self write access
    35. 

  35. #		Allow authenticated users read access
    36. 

  36. #		Allow anonymous users to authenticate
    37. 

  37. #	Directives needed to implement policy:
    38. 

  38. # access to dn.base="" by * read
    39. 

  39. # access to dn.base="cn=Subschema" by * read
    40. 

  40. access to *
    41. 

  41. 	by self write
    42. 

  42. 	by users read
    43. 

  43. 	by anonymous auth
    44. 

  44. #
    45. 

  45. # if no access controls are present, the default policy
    46. 

  46. # allows anyone and everyone to read anything but restricts
    47. 

  47. # updates to rootdn.  (e.g., "access to * by * read")
    48. 

  48. #
    49. 

  49. # rootdn can always read and write EVERYTHING!
    50. 

  50. 

  51. #######################################################################
    52. 

  52. # MDB database definitions
    53. 

  53. #######################################################################
    54. 

  54. 

  55. database	mdb
    56. 

  56. maxsize		1073741824
    57. 

  57. suffix		"dc=slurm,dc=ch"
    58. 

  58. rootdn		"cn=admin,dc=slurm,dc=ch"
    59. 

  59. 

  60. # Cleartext passwords, especially for the rootdn, should
    61. 

  61. # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
    62. 

  62. # Use of strong authentication encouraged.
    63. 

  63. rootpw		{SSHA}O61WeqsSLZNO2yF3PgpO7La1lumlekCW
    64. 

  64. 

  65. # The database directory MUST exist prior to running slapd AND 
    66. 

  66. # should only be accessible by the slapd and slap tools.
    67. 

  67. # Mode 700 recommended.
    68. 

  68. directory /var/lib/ldap
    69. 

  69. 

  70. # Indices to maintain
    71. 

  71. index	objectClass	eq
    72.