#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
# Layout note: slapd.conf comments must start in column 0 on their own line,
# and a directive is continued by starting the next line with whitespace.
#

# Schema definitions loaded by this server.
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/openldap.schema
include         /etc/ldap/schema/samba.schema
include         /etc/ldap/schema/eduperson.schema
include         /etc/ldap/schema/breduperson.0.0.6.schema
include         /etc/ldap/schema/schac-20061212-1.3.0

# -1 enables every log level at once.
# NOTE(review): besides the volume, full debug logging may record request
# contents in the logs - confirm this is wanted outside of troubleshooting.
loglevel        -1

# NOTE(review): the directory is spelled "sldapd" (not "slapd") in both
# paths - confirm it exists and is writable by the slapd user.
pidfile         /var/run/sldapd/slapd.pid
argsfile        /var/run/sldapd/slapd.args

# -1 removes the cap on the number of entries a search may return.
# NOTE(review): together with the "by * read" rules below, one search can
# return the whole readable tree to any client, anonymous ones included
# unless anonymous binds are refused elsewhere.
sizelimit       -1

# Load dynamic backend modules:
# NOTE(review): back-bdb was removed in OpenLDAP 2.5; plan a migration to
# back-mdb before upgrading.
modulepath      /usr/lib/ldap
moduleload      back_bdb.la
moduleload      memberof.la

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=poa,dc=ifrs,dc=edu,dc=br"
rootdn          "cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br"
# The rootdn bypasses every access rule below, and its credential is stored
# inline as a salted SHA-1 ({SSHA}) hash. Anyone who can read this file can
# attack the hash offline, which is why the file must not be world readable.
# NOTE(review): if this file has ever been shared or published, treat the
# rootdn password as exposed and rotate it.
rootpw          {SSHA}rAQpM6QYNGr0R/5X4qg4GgPaJvIFs/H0
directory       /var/lib/ldap

#######################################################################
# SSL:
# Security certificates
# All three TLS directives are commented out, so this file configures no
# server certificate or key.
# NOTE(review): unless TLS is provided some other way, simple binds and the
# password attributes protected below cross the network in clear text.
#TLSCACertificateFile /etc/ldap/certs/poa.cert
#TLSCertificateFile /etc/ldap/certs/poa.crt
#TLSCertificateKeyFile /etc/ldap/certs/poa.key

########## User permissions ###########################################
# slapd applies the first "access to" clause that matches the entry and
# attribute, and within it the first matching "by" clause, so the order of
# the rules below is significant.
#
# Disabled rule: read access for the replication account, then fall through.
#access to *
#       by dn.base="cn=replicador,dc=poa,dc=ifrs,dc=edu,dc=br" read
#       by * break

# Password attributes: writable by Manager and by the entry's owner; everyone
# else may only use them to authenticate (bind), never read them. This rule
# must stay ahead of the broader "by * read" rules that follow.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by self write
        by * auth

# People entries: objectClass and the sambaSamAccount attributes are readable
# by everyone, writable by Manager.
# NOTE(review): sambaSamAccount is an objectClass name; slapd.access(5)
# documents the "@objectClass" form for this - confirm the bare form is
# accepted by the slapd version in use.
access to dn.children="ou=People,dc=poa,dc=ifrs,dc=edu,dc=br" attrs=objectClass,sambaSamAccount
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by * read

# Group entries: the listed descriptive attributes are world readable.
access to dn.children="ou=Groups,dc=poa,dc=ifrs,dc=edu,dc=br" attrs=description,sambaSID,sambaGroupType,displayName,objectClass,cn
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by * read

# Computer (machine account) entries: same pattern as People.
access to dn.children="ou=Computers,dc=poa,dc=ifrs,dc=edu,dc=br" attrs=objectClass,sambaSamAccount
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by * read

# Idmap entries: every attribute is world readable.
access to dn.children="ou=Idmap,dc=poa,dc=ifrs,dc=edu,dc=br"
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by * read

# Catch-all for the whole suffix: anything not matched above is readable by
# everyone ("*" includes anonymous clients).
# NOTE(review): only the three attributes in the first rule are withheld;
# verify that no other credential-bearing attribute (for example
# sambaPasswordHistory, if it is populated) falls through to this rule.
access to dn.subtree="dc=poa,dc=ifrs,dc=edu,dc=br"
        by dn="cn=Manager,dc=poa,dc=ifrs,dc=edu,dc=br" write
        by * read

######################################################################
# Replication configuration for the Reitoria (currently disabled)
######################################################################
# uniquely identifies this server for PoA:
#ServerID 051
# load the module
#moduleload syncprov
# syncprov specific indexing (add others as required)
#index entryCSN eq
#index entryUUID eq
# Synchronization type
#overlay syncprov
# Force synchronization every 100 writes, or every 10 minutes
#syncprov-checkpoint 100 10
# Keep a record of the last 100 synchronized entries
#syncprov-sessionlog 100
################ END REPLICATION #####################################

# Indices to maintain
index   objectClass             eq
index   cn                      pres,sub,eq
index   sn                      pres,sub,eq
index   uid                     pres,sub,eq
index   displayName             pres,sub,eq
index   uidNumber               eq
index   gidNumber               eq
index   memberUID               eq
index   sambaSID                eq
index   sambaPrimaryGroupSID    eq
index   sambaDomainName         eq
index   default                 sub

# memberof overlay on this database (module loaded above via memberof.la).
overlay memberof