loglevel 0 include /home/data/samba/samba4/clean/source/st/dc/private/ldap/backend-schema.schema pidfile /home/data/samba/samba4/clean/source/st/dc/private/ldap/slapd.pid argsfile /home/data/samba/samba4/clean/source/st/dc/private/ldap/slapd.args sasl-realm samba.example.com access to * by * write allow update_anon authz-regexp uid=([^,]*),cn=samba.example.com,cn=digest-md5,cn=auth ldap:///DC=samba,DC=example,DC=com??sub?(samAccountName=\$1) authz-regexp uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth ldap:///DC=samba,DC=example,DC=com??sub?(samAccountName=\$1) include /home/data/samba/samba4/clean/source/st/dc/private/ldap/modules.conf defaultsearchbase DC=samba,DC=example,DC=com backend hdb database bdb suffix CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com directory /home/data/samba/samba4/clean/source/st/dc/private/ldap/db/schema index objectClass eq index samAccountName eq index name eq index objectCategory eq index lDAPDisplayName eq index subClassOf eq database hdb suffix CN=Configuration,DC=samba,DC=example,DC=com directory /home/data/samba/samba4/clean/source/st/dc/private/ldap/db/config index objectClass eq index samAccountName eq index name eq index objectSid eq index objectCategory eq index nCName eq index subClassOf eq index dnsRoot eq index nETBIOSName eq database hdb suffix DC=samba,DC=example,DC=com rootdn cn=Manager,DC=samba,DC=example,DC=com rootpw localdcpass directory /home/data/samba/samba4/clean/source/st/dc/private/ldap/db/user index objectClass eq index samAccountName eq index name eq index objectSid eq index objectCategory eq index member eq index uidNumber eq index gidNumber eq index unixName eq index privilege eq index nCName eq index lDAPDisplayName eq index subClassOf eq index dnsRoot eq index nETBIOSName eq #syncprov is stable in OpenLDAP 2.3, and available in 2.2. #We only need this for the contextCSN attribute anyway.... overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 overlay memberof memberof-group-oc group