# slapd.conf -- main configuration for the OpenLDAP slapd daemon.
# Directive reference: slapd.conf(5).
#
# Format reminder: a line that starts with whitespace continues the
# previous line, and the joining happens before comments are stripped.
# Keep every comment on its own line, starting in column 0.

#######################################################################
# Global directives

# LDAPv2 binds stay disabled; uncomment only for legacy clients.
#allow bind_v2

# Schema and objectClass definitions.
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema
# NOTE(review): nr-mail.schema is not one of the stock OpenLDAP schema
# files -- presumably site-local; confirm it is deployed on every host
# that loads this configuration.
include         /etc/ldap/schema/nr-mail.schema

# PID file location. The init.d script will no longer be able to stop
# the server if this path is changed.
pidfile         /var/run/slapd/slapd.pid

# File that records the arguments the server was started with.
argsfile        /var/run/slapd/slapd.args

# Log level; see slapd.conf(5) for the possible values.
# With "none", binds, searches and their results are not logged, so
# there is no trail to review after a suspicious bind or an unexpected
# replication event. 256 (stats) records connections, operations and
# results; 296 adds connection management (8) and search filter
# processing (32) on top of that. Both values were tried here before.
loglevel        none

# Directory holding the dynamically loaded modules, and the backend
# module used by the databases in this file.
modulepath      /usr/lib/ldap
moduleload      back_hdb

# Maximum number of entries returned for one search operation.
sizelimit       10

# The tool-threads parameter sets the actual amount of CPUs that is
# used for indexing.
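tool-threads    1

# Size of the slapd worker thread pool.
threads         32

#######################################################################
# Database 1: mail tree, ou=email,dc=xyz
#
# Replica (syncrepl consumer) of ldap://1.2.3.188. This section has to
# stay ahead of the dc=xyz database: when one suffix lies inside
# another, the database with the inner suffix must be defined first.
database        hdb
suffix          "ou=email,dc=xyz"
directory       "/var/lib/ldap-mail"

# Berkeley DB tuning: checkpoint after 128 KB written or 15 minutes,
# whichever comes first, then cache, lock-table and log sizing.
checkpoint      128 15
dbconfig set_cachesize 0 369868800 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_max 10000000
dbconfig set_lg_bsize 8192

#readonly on

# Access control. The first "access to" clause that matches the target
# decides, and within it the first matching "by" clause.
#
# userPassword: the previous rule granted "by anonymous read", which
# lets any unauthenticated client fetch every password hash and attack
# it offline. "auth" is all an anonymous client needs in order to bind;
# everyone else who is neither the admin nor the entry's owner gets
# nothing.
# NOTE(review): a client that relied on reading userPassword (for
# example a shadow map lookup) will stop working -- move it to an
# authenticated bind instead of re-opening read access.
#
# dn.exact replaces dn.regex: the old pattern was unanchored, so it
# matched any bind DN that merely contained the admin DN as a substring.
access to attrs=userPassword
        by dn.exact="cn=admin,ou=email,dc=xyz" write
        by self write
        by anonymous auth
        by * none
# Everything else stays world-readable, as before.
# NOTE(review): "by * read" includes anonymous clients -- confirm that
# no other attribute in this tree needs protection.
access to *
        by dn.exact="cn=admin,ou=email,dc=xyz" write
        by * read

index           objectClass,uid,cn,userPassword,entryUUID eq,pres

# NOTE(review): rootpw is stored in cleartext, and the rootdn is not
# subject to the access rules above. Replace the value with a hashed
# one produced by slappasswd(8) and keep this file readable only by the
# account slapd runs as.
rootdn          "cn=admin,ou=email,dc=xyz"
rootpw          "secret"

# Replication from the provider.
# NOTE(review): bindmethod=simple over a plain ldap:// URL with no
# starttls setting sends the replication credentials and all replicated
# data, password hashes included, unencrypted. Once the provider offers
# TLS and the CA certificate is configured on this host, add
# starttls=critical or switch the provider URL to ldaps://.
# NOTE(review): the consumer binds as the provider's admin DN. A
# dedicated replication identity with read-only access to the
# searchbase would limit what a copy of this file gives away.
# NOTE(review): schemachecking=off accepts replicated entries without
# validating them against the local schema.
syncrepl rid=1
        provider=ldap://1.2.3.188
        type=refreshAndPersist
        searchbase="ou=email,dc=xyz"
        filter="(objectClass=*)"
        attrs="*"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="cn=admin,ou=email,dc=xyz"
        credentials="secret"
        timelimit=unlimited
        sizelimit=unlimited

# Referral returned to clients that try to write to this replica.
updateref       ldap://1.2.3.188

#######################################################################
# Database 2: www tree, dc=xyz
#
# Replica (syncrepl consumer) of ldap://1.2.3.188.
database        hdb
suffix          "dc=xyz"
directory       "/var/lib/ldap-www"

# Berkeley DB tuning, same scheme as the mail database with a smaller
# cache.
checkpoint      128 15
dbconfig set_cachesize 0 268435456 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_max 10000000
dbconfig set_lg_bsize 8192

#readonly on

# Access control, same reasoning as for the mail database: anonymous
# clients may authenticate against userPassword but not read it, and
# the admin DN is matched exactly instead of by unanchored regex.
access to attrs=userPassword
        by dn.exact="cn=admin,ou=www,dc=xyz" write
        by self write
        by anonymous auth
        by * none
# NOTE(review): "by * read" includes anonymous clients -- confirm that
# no other attribute in this tree needs protection.
access to *
        by dn.exact="cn=admin,ou=www,dc=xyz" write
        by * read

index           objectClass,uidNumber,gidNumber,entryUUID,memberUid,userPassword eq,pres
index           uid,cn eq,pres,approx

# NOTE(review): cleartext rootpw, and the same value as the mail
# database. Use a separate hashed value from slappasswd(8).
rootdn          "cn=admin,ou=www,dc=xyz"
rootpw          "secret"

# Replication from the provider.
# NOTE(review): the transport and identity concerns are the same as for
# rid=1 -- simple bind over unencrypted ldap://, a write-capable admin
# DN used for replication, and schema checking switched off.
syncrepl rid=2
        provider=ldap://1.2.3.188
        type=refreshAndPersist
        searchbase="dc=xyz"
        filter="(objectClass=*)"
        attrs="*"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="cn=admin,ou=www,dc=xyz"
        credentials="secret"
        timelimit=unlimited
        sizelimit=unlimited

# Referral returned to clients that try to write to this replica.
updateref       ldap://1.2.3.188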