| blob | a055e7be937318e7dc34fd366ae68a87f9cfb491 |
1 $NetBSD$
3 --- doc/slapd.conf.orig 2008-04-22 17:13:30.000000000 +0900
4 +++ doc/slapd.conf
5 @@ -2,11 +2,11 @@
6 # See slapd.conf(5) for details on configuration options.
7 # This file should NOT be world readable.
8 #
9 -include /etc/openldap/schema/core.schema
10 -include /etc/openldap/schema/cosine.schema
11 -include /etc/openldap/schema/inetorgperson.schema
12 -include /etc/openldap/schema/nis.schema
13 -include /etc/openldap/schema/samba.schema
14 +include @PREFIX@/etc/openldap/schema/core.schema
15 +include @PREFIX@/etc/openldap/schema/cosine.schema
16 +include @PREFIX@/etc/openldap/schema/inetorgperson.schema
17 +include @PREFIX@/etc/openldap/schema/nis.schema
18 +include @PREFIX@/etc/openldap/schema/samba.schema
20 schemacheck on
22 @@ -17,11 +17,11 @@ allow bind_v2
23 # service AND an understanding of referrals.
24 #referral ldap://root.openldap.org
26 -pidfile /var/run/slapd.pid
27 -argsfile /var/run/slapd.args
28 +pidfile @OPENLDAP_VARDIR@/run/slapd.pid
29 +argsfile @OPENLDAP_VARDIR@/run/slapd.args
31 # Load dynamic backend modules:
32 -# modulepath /usr/sbin/openldap
33 +# modulepath @PREFIX@/lib/openldap
34 # moduleload back_bdb.la
35 # moduleload back_ldap.la
36 # moduleload back_ldbm.la
37 @@ -33,9 +33,9 @@ argsfile /var/run/slapd.args
38 # /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
39 # slapd.pem so that the ldap user or group can read it. Your client software
40 # may balk at self-signed certificates, however.
41 -#TLSCertificateFile /etc/openldap/ldap.company.com.pem
42 -#TLSCertificateKeyFile /etc/openldap/ldap.company.com.key
43 -#TLSCACertificateFile /etc/openldap/ca.pem
44 +#TLSCertificateFile @PREFIX@/etc/openldap/ldap.example.com.pem
45 +#TLSCertificateKeyFile @PREFIX@/etc/openldap/ldap.example.com.key
46 +#TLSCACertificateFile @PREFIX@/etc/openldap/ca.pem
47 #TLSCipherSuite :SSLv3
49 # Sample security restrictions
50 @@ -70,8 +70,8 @@ argsfile /var/run/slapd.args
51 #######################################################################
53 database bdb
54 -suffix "dc=company,dc=com"
55 -rootdn "cn=Manager,dc=company,dc=com"
56 +suffix "dc=example,dc=com"
57 +rootdn "cn=Manager,dc=example,dc=com"
58 # Cleartext passwords, especially for the rootdn, should
59 # be avoided. See slappasswd(8) and slapd.conf(5) for details.
60 # Use of strong authentication encouraged.
61 @@ -81,7 +81,7 @@ rootpw secret
62 # The database directory MUST exist prior to running slapd AND
63 # should only be accessible by the slapd and slap tools.
64 # Mode 700 recommended.
65 -directory /var/lib/ldap
66 +directory @OPENLDAP_VARDIR@/openldap-data
67 lastmod on
69 # Indices to maintain for this database
70 @@ -102,7 +102,7 @@ index default sub
72 # users can authenticate and change their password
73 access to attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdMustChange,sambaPwdLastSet
74 - by dn="cn=Manager,dc=company,dc=com" write
75 + by dn="cn=Manager,dc=example,dc=com" write
76 by self write
77 by anonymous auth
78 by * none
79 @@ -110,7 +110,7 @@ access to attrs=userPassword,sambaNTPass
80 # those 2 parameters must be world readable for password aging to work correctly
81 # (or use a priviledge account in /etc/ldap.conf to bind to the directory)
82 access to attrs=shadowLastChange,shadowMax
83 - by dn="cn=Manager,dc=company,dc=com" write
84 + by dn="cn=Manager,dc=example,dc=com" write
85 by self write
86 by * read
88 @@ -119,7 +119,7 @@ access to *
89 by * read
91 # Replicas of this database
92 -#replogfile /var/lib/ldap/openldap-master-replog
93 +#replogfile @OPENLDAP_VARDIR@/openldap-data/openldap-master-replog
94 #replica host=ldap-1.example.com:389 starttls=critical
95 # bindmethod=sasl saslmech=GSSAPI
96 # authcId=host/ldap-master.example.com@EXAMPLE.COM