Sample LDIF slapd configuration

diff --git a/servers/slapd/slapd.ldif b/servers/slapd/slapd.ldif
new file mode 100644 (file)
index 0000000..ce4ef14
--- /dev/null
+++ b/servers/slapd/slapd.ldif
@@ -0,0 +1,92 @@
+#
+# See slapd.d(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+dn: cn=config
+objectClass: olcGlobal
+cn: config
+#
+#
+# Define global ACLs to disable default read access.
+#
+olcArgsFile:   %LOCALSTATEDIR%/run/slapd.args
+olcPidFile:            %LOCALSTATEDIR%/run/slapd.pid
+#
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#olcReferral:  ldap://root.openldap.org
+#
+# Sample security restrictions
+#      Require integrity protection (prevent hijacking)
+#      Require 112-bit (3DES or better) encryption for updates
+#      Require 64-bit encryption for simple bind
+#olcSecurity: ssf=1 update_ssf=112 simple_bind=64
+
+
+#
+# Load dynamic backend modules:
+#
+#dn: cn=module,cn=config
+#objectClass: olcModuleList
+#olcModulepath:        %MODULEDIR%
+#olcModuleload:        back_bdb.la
+#olcModuleload:        back_ldap.la
+#olcModuleload:        back_ldbm.la
+#olcModuleload:        back_passwd.la
+#olcModuleload:        back_shell.la
+
+
+dn: cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: schema
+
+include:               %SYSCONFDIR%/schema/core.ldif
+
+# Frontend settings
+#
+dn: olcDatabase=frontend,cn=config
+objectClass: olcDatabaseConfig
+olcDatabase: frontend
+#
+# Sample global access control policy:
+#      Root DSE: allow anyone to read it
+#      Subschema (sub)entry DSE: allow anyone to read it
+#      Other DSEs:
+#              Allow self write access
+#              Allow authenticated users read access
+#              Allow anonymous users to authenticate
+#
+#olcAccess: to dn.base="" by * read
+#olcAccess: to dn.base="cn=Subschema" by * read
+#olcAccess: to *
+#      by self write
+#      by users read
+#      by anonymous auth
+#
+# if no access controls are present, the default policy
+# allows anyone and everyone to read anything but restricts
+# updates to rootdn.  (e.g., "access to * by * read")
+#
+# rootdn can always read and write EVERYTHING!
+#
+
+
+#######################################################################
+# BDB database definitions
+#######################################################################
+#
+dn: olcDatabase=bdb,cn=config
+objectClass: olcDatabaseConfig
+olcDatabase: bdb
+olcSuffix:             "dc=my-domain,dc=com"
+olcRootDN:             "cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoided.  See slappasswd(8) and slapd.d(5) for details.
+# Use of strong authentication encouraged.
+olcRootPW:             secret
+# The database directory MUST exist prior to running slapd AND 
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+olcDbDirectory:        %LOCALSTATEDIR%/openldap-data
+# Indices to maintain
+olcDbIndex:    objectClass     eq