X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=tests%2Fdata%2Fslapd-idassert.conf;h=2c680fc3a23aa7873cd863460267f27687e7a701;hb=e1a5177baca44d6ff5dceea3f6f91da329d43b85;hp=e8d82ea3448c6a40f75f2daa89a8cc68c7fd3b06;hpb=77eacb0dfec91a57ca645bc68ed9920d754f1275;p=openldap
diff --git a/tests/data/slapd-idassert.conf b/tests/data/slapd-idassert.conf
index e8d82ea344..2c680fc3a2 100644
--- a/tests/data/slapd-idassert.conf
+++ b/tests/data/slapd-idassert.conf
@@ -1,9 +1,8 @@
# master slapd config -- for testing
-# $OpenLDAP: pkg/ldap/tests/data/slapd-pw.conf,v 1.19.2.4 2003/12/15 22:05:29
- kurt Exp $
+# $OpenLDAP$
## This work is part of OpenLDAP Software .
##
-## Copyright 1998-2003 The OpenLDAP Foundation.
+## Copyright 1998-2011 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
@@ -15,33 +14,38 @@
## .
#ucdata-path ./ucdata
-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-pidfile ./testrun/slapd.1.pid
-argsfile ./testrun/slapd.1.args
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+include @SCHEMADIR@/nis.schema
+pidfile @TESTDIR@/slapd.1.pid
+argsfile @TESTDIR@/slapd.1.args
#mod#modulepath ../servers/slapd/back-@BACKEND@/
#mod#moduleload back_@BACKEND@.la
-#ldapmod#moduleload ../servers/slapd/back-ldap/back_ldap.la
+#ldapmod#modulepath ../servers/slapd/back-ldap/
+#ldapmod#moduleload back_ldap.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+#rwmmod#modulepath ../servers/slapd/overlays/
+#rwmmod#moduleload rwm.la
#######################################################################
-# ldbm database definitions
+# database definitions
#######################################################################
authz-policy both
-authz-regexp "^uid=admin/([^,]+),.*" "ldap:///ou=Admin,dc=example,dc=com??sub?cn=$1"
-authz-regexp "^uid=it/([^,]+),.*" "ldap:///ou=People,dc=example,dc=it??sub?uid=$1"
-authz-regexp "^uid=(us/)*([^,]+),.*" "ldap:///ou=People,dc=example,dc=com??sub?uid=$2"
+authz-regexp "^uid=admin/([^,]+),.+" "ldap:///ou=Admin,dc=example,dc=com??sub?(cn=$1)"
+authz-regexp "^uid=it/([^,]+),.+" "ldap:///ou=People,dc=example,dc=it??sub?(uid=$1)"
+authz-regexp "^uid=(us/)?([^,]+),.+" "ldap:///ou=People,dc=example,dc=com??sub?(uid=$2)"
#
# normal installations should protect root dse,
# cn=monitor, cn=schema, and cn=config
#
-access to attr=userpassword
+access to attrs=userpassword
by self =wx
by anonymous =x
@@ -53,60 +57,63 @@ access to *
by * search
database @BACKEND@
-#ldbm#cachesize 0
+
suffix "dc=example,dc=com"
-directory ./testrun/db.1.a
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
-index objectClass eq
-index cn,sn,uid pres,eq,sub
+#null#bind on
+#~null~#directory @TESTDIR@/db.1.a
+#indexdb#index objectClass eq
+#indexdb#index cn,sn,uid pres,eq,sub
+#ndb#dbname db_1
+#ndb#include @DATADIR@/ndb.conf
access to dn.exact="cn=Proxy,ou=Admin,dc=example,dc=com"
- attr=authzTo
+ attrs=authzTo
by dn.exact="cn=Proxy,ou=Admin,dc=example,dc=com" =wx
by * =x
database @BACKEND@
-#ldbm#cachesize 0
+
suffix "dc=example,dc=it"
-directory ./testrun/db.2.a
rootdn "cn=Manager,dc=example,dc=it"
rootpw secret
-index objectClass eq
-index cn,sn,uid pres,eq,sub
+#~null~#directory @TESTDIR@/db.2.a
+#indexdb#index objectClass eq
+#indexdb#index cn,sn,uid pres,eq,sub
+#ndb#dbname db_2
+#ndb#include @DATADIR@/ndb.conf
database ldap
suffix "o=Example,c=US"
-suffixmassage "o=Example,c=US" "dc=example,dc=com"
uri "@URI1@"
-#sasl#idassert-method "sasl" "authcDN=cn=Proxy US,ou=Admin,dc=example,dc=com" "authcID=admin/proxy US" "cred=proxy" @SASL_MECH@
-#nosasl#idassert-method "simple"
-#nosasl#idassert-authcDN "cn=Proxy US,ou=Admin,dc=example,dc=com"
-#nosasl#idassert-passwd proxy
-idassert-mode self
+#sasl#idassert-bind bindmethod=sasl binddn="cn=Proxy US,ou=Admin,dc=example,dc=com" authcId="admin/proxy US" credentials="proxy" @SASL_MECH@ mode=self
+#nosasl#idassert-bind bindmethod=simple binddn="cn=Proxy US,ou=Admin,dc=example,dc=com" credentials="proxy" mode=self
# authorizes database
idassert-authzFrom "dn.subtree:dc=example,dc=it"
+overlay rwm
+rwm-suffixmassage "dc=example,dc=com"
+
database ldap
suffix "o=Esempio,c=IT"
-suffixmassage "o=Esempio,c=IT" "dc=example,dc=com"
uri "@URI1@"
acl-authcDN "cn=Proxy IT,ou=Admin,dc=example,dc=com"
acl-passwd proxy
-idassert-method "simple"
-idassert-authcDN "cn=Proxy IT,ou=Admin,dc=example,dc=com"
-idassert-passwd proxy
-idassert-mode "dn:cn=Sandbox,ou=Admin,dc=example,dc=com"
+idassert-bind bindmethod=simple binddn="cn=Proxy IT,ou=Admin,dc=example,dc=com" credentials="proxy" authzId="dn:cn=Sandbox,ou=Admin,dc=example,dc=com"
# authorizes database
idassert-authzFrom "dn.subtree:dc=example,dc=com"
# authorizes anonymous
idassert-authzFrom "dn.exact:"
+overlay rwm
+rwm-suffixmassage "dc=example,dc=com"
+
access to attrs=entry,cn,sn,mail
by users read
@@ -116,4 +123,6 @@ access to *
by dn.exact="cn=Sandbox,ou=Admin,dc=example,dc=com" search
by * none
-
+#monitor#database monitor
+#monitor#rootdn "cn=monitor"
+#monitor#rootpw monitor