From 25877b0d231a1531782a5f259f38065e983f3223 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Thu, 12 May 2005 03:53:02 +0000
Subject: [PATCH] Sample LDIF slapd configuration

---
 servers/slapd/slapd.ldif | 92 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)
 create mode 100644 servers/slapd/slapd.ldif

diff --git a/servers/slapd/slapd.ldif b/servers/slapd/slapd.ldif
new file mode 100644
index 0000000000..ce4ef14538
--- /dev/null
+++ b/servers/slapd/slapd.ldif
@@ -0,0 +1,92 @@
+#
+# See slapd.d(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+dn: cn=config
+objectClass: olcGlobal
+cn: config
+#
+#
+# Define global ACLs to disable default read access.
+#
+olcArgsFile:	%LOCALSTATEDIR%/run/slapd.args
+olcPidFile:		%LOCALSTATEDIR%/run/slapd.pid
+#
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#olcReferral:	ldap://root.openldap.org
+#
+# Sample security restrictions
+#	Require integrity protection (prevent hijacking)
+#	Require 112-bit (3DES or better) encryption for updates
+#	Require 64-bit encryption for simple bind
+#olcSecurity: ssf=1 update_ssf=112 simple_bind=64
+
+
+#
+# Load dynamic backend modules:
+#
+#dn: cn=module,cn=config
+#objectClass: olcModuleList
+#olcModulepath:	%MODULEDIR%
+#olcModuleload:	back_bdb.la
+#olcModuleload:	back_ldap.la
+#olcModuleload:	back_ldbm.la
+#olcModuleload:	back_passwd.la
+#olcModuleload:	back_shell.la
+
+
+dn: cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: schema
+
+include:		%SYSCONFDIR%/schema/core.ldif
+
+# Frontend settings
+#
+dn: olcDatabase=frontend,cn=config
+objectClass: olcDatabaseConfig
+olcDatabase: frontend
+#
+# Sample global access control policy:
+#	Root DSE: allow anyone to read it
+#	Subschema (sub)entry DSE: allow anyone to read it
+#	Other DSEs:
+#		Allow self write access
+#		Allow authenticated users read access
+#		Allow anonymous users to authenticate
+#
+#olcAccess: to dn.base="" by * read
+#olcAccess: to dn.base="cn=Subschema" by * read
+#olcAccess: to *
+#	by self write
+#	by users read
+#	by anonymous auth
+#
+# if no access controls are present, the default policy
+# allows anyone and everyone to read anything but restricts
+# updates to rootdn.  (e.g., "access to * by * read")
+#
+# rootdn can always read and write EVERYTHING!
+#
+
+
+#######################################################################
+# BDB database definitions
+#######################################################################
+#
+dn: olcDatabase=bdb,cn=config
+objectClass: olcDatabaseConfig
+olcDatabase: bdb
+olcSuffix:		"dc=my-domain,dc=com"
+olcRootDN:		"cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoided.  See slappasswd(8) and slapd.d(5) for details.
+# Use of strong authentication encouraged.
+olcRootPW:		secret
+# The database directory MUST exist prior to running slapd AND 
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+olcDbDirectory:	%LOCALSTATEDIR%/openldap-data
+# Indices to maintain
+olcDbIndex:	objectClass	eq
-- 
2.39.5