X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslapd.conf;h=cfdf733971fd6ee03626c6aebc2dc3ebca3caa6b;hb=75757a5c82fc6a9333807517705c99e090428142;hp=5228162d55e7eb0052af0db7b206db6161b832b3;hpb=32a2f291ee4a8a75628b3c491cd1db65f01ebf9c;p=openldap

diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf
index 5228162d55..cfdf733971 100644
--- a/servers/slapd/slapd.conf
+++ b/servers/slapd/slapd.conf
@@ -16,20 +16,31 @@ argsfile	%LOCALSTATEDIR%/slapd.args
 
 # Load dynamic backend modules:
 # modulepath	%MODULEDIR%
+# moduleload	back_bdb.la
 # moduleload	back_ldap.la
 # moduleload	back_ldbm.la
 # moduleload	back_passwd.la
 # moduleload	back_shell.la
 
+# Sample security restrictions
 #
+#   Disallow clear text exchange of passwords
+# disallow bind_simple_unprotected
+#
+#	Require integrity protection (prevent hijacking)
+#	Require 112-bit (3DES or better) encryption for updates
+#	Require 63-bit encryption for simple bind
+# security ssf=1 update_ssf=112 simple_bind=64
+
 # Sample access control policy:
-#	Allow read access of root DSE
-#	Allow self write access
-#	Allow authenticated users read access
-#	Allow anonymous users to authenticate
-# Directives needed to implement policy:
-#access to dn.base="" by * read
-#access to *
+#	Root DSE: allow anyone to read it
+#	Other DSEs:
+#		Allow self write access
+#		Allow authenticated users read access
+#		Allow anonymous users to authenticate
+#	Directives needed to implement policy:
+# access to dn.base="" by * read
+# access to *
 #	by self write
 #	by users read
 #	by anonymous auth