# master slapd config -- for testing
# $OpenLDAP: pkg/ldap/tests/data/slapd-pw.conf,v 1.19.2.4 2003/12/15 22:05:29 
 kurt Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2005 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

#ucdata-path	./ucdata
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/openldap.schema
include ./schema/nis.schema
pidfile     ./testrun/slapd.1.pid
argsfile    ./testrun/slapd.1.args

#mod#modulepath	../servers/slapd/back-@BACKEND@/
#mod#moduleload	back_@BACKEND@.la
#ldapmod#modulepath ../servers/slapd/back-ldap/
#ldapmod#moduleload back_ldap.la
#monitormod#modulepath ../servers/slapd/back-monitor/
#monitormod#moduleload back_monitor.la
#gluemod#moduleload ../servers/slapd/overlays/glue.la

#######################################################################
# database definitions
#######################################################################

authz-regexp	"^uid=([^,]+),.*" "uid=$1,ou=People,dc=example,dc=com"

#
# normal installations should protect root dse,
# cn=monitor, cn=schema, and cn=config
#

access to attr=userpassword
	by self =wx
	by anonymous =x

access to *
	by * read

# people branch
database        ldap
suffix          "ou=People,dc=example,dc=com"
uri             "@URI2@"
# FIXME: doesn't work with authz=native
#sasl#idassert-method  sasl authcid=proxy cred=proxy @SASL_MECH@
#nosasl#idassert-method  simple
#nosasl#idassert-authcDN "uid=proxy,ou=People,dc=example,dc=com"
#nosasl#idassert-passwd  proxy
idassert-mode   self

# groups branch
database        ldap
suffix          "ou=Groups,dc=example,dc=com"
uri             "@URI3@"
# FIXME: doesn't work with authz=native
#sasl#idassert-method  sasl authcid=proxy cred=proxy @SASL_MECH@
#nosasl#idassert-method  simple
#nosasl#idassert-authcDN "uid=proxy,ou=Groups,dc=example,dc=com"
#nosasl#idassert-passwd  proxy
idassert-mode    self

# root
database        @BACKEND@
suffix          "dc=example,dc=com"
directory	./testrun/db.1.a
rootdn		"cn=Manager,dc=example,dc=com"
rootpw		secret
index		objectClass	eq
index		cn,sn,uid	pres,eq,sub
overlay glue
glue-sub ou=groups,dc=example,dc=com
glue-sub ou=people,dc=example,dc=com

#monitor#database monitor