phpldapadmin-demo.conf
include /etc/openldap/schema/uidpool.schema
include /etc/openldap/schema/sudo.schema
include /etc/openldap/schema/autofs.schema
# Server-side TLS material: CA bundle, server certificate and private key.
# These lines make TLS available but do not require it. No `security` or
# `TLSVerifyClient` directive appears in this file, so unless something outside
# this file enforces it, simple binds may still arrive in cleartext.
# The private key file should be readable only by the account slapd runs as.
TLSCACertificateFile /etc/openldap/pla/ca-bundle.crt
TLSCertificateFile /etc/openldap/pla/slapd.crt
TLSCertificateKeyFile /etc/openldap/pla/slapd.key
# Global access rules. slapd applies the first `access to` clause whose target
# matches the entry, then the first matching `by` clause inside it, so the
# order below is significant. `*` in a `by` clause includes anonymous clients.
# Comments are kept in front of each directive on purpose: slapd.conf joins
# continuation lines before it strips comments, so a comment placed between an
# `access` line and its indented `by` lines would swallow them.
#
# userPassword under o=Simpsons: anonymous clients may only bind against it,
# the entry owner may change it, and nobody else can read it. No equivalent
# rule exists for the other suffixes, so their userPassword values fall
# through to the broader rules below (`by * write` / `by * read`).
access to dn.regex="o=Simpsons$" attrs=userpassword
        by anonymous auth
        by self write
        by * none
# Root DSE is readable by everyone.
access to dn.base="" by * read
# dc=example.com tree: identities from o=Flintstones and o=Simpsons get no
# access; every other client, anonymous included, gets write. That suits a
# throw-away demo only. The `.` in the pattern is an unescaped regex wildcard
# and the pattern is not anchored at the start.
access to dn.regex="dc=example.com$"
        by dn.regex="o=Flintstones$" none
        by dn.regex="o=Simpsons$" none
        by * write
# dc=example,dc=com tree: same policy as above, including anonymous write.
access to dn.regex="dc=example,dc=com$"
        by dn.regex="o=Flintstones$" none
        by dn.regex="o=Simpsons$" none
        by * write
# o=Flintstones tree: o=Simpsons identities are shut out, owners may edit
# their own entry, and any identity matching the cn=...,ou=People pattern may
# write anywhere in the tree. That pattern has no `^`/`$` anchors, so it
# matches any DN that merely contains the text; an anchored form such as
# "^cn=[^,]+,ou=People,o=Flintstones$" is narrower. Everyone else can read,
# which covers userPassword here because no earlier rule protects it.
access to dn.regex="o=Flintstones$"
        by dn.regex="o=Simpsons$" none
        by self write
        by dn.regex="cn=.*,ou=People,o=Flintstones" write
        by * read
# o=Simpsons tree: mirror image of the o=Flintstones rule, with the same
# unanchored ou=People pattern. userPassword is already handled by the first
# rule in this file, so `by * read` does not expose it.
access to dn.regex="o=Simpsons$"
        by dn.regex="o=Flintstones$" none
        by self write
        by dn.regex="cn=.*,ou=People,o=Simpsons" write
        by * read
# Catch-all: anything not matched above is world-readable.
access to *
        by * read
# Enables proxy authorization from both authzTo and authzFrom rules.
# slapd.conf(5) advises protecting authzTo with an ACL because an identity
# able to edit its own authzTo can authorize itself as other users. No rule in
# this file restricts that attribute, and the dc=example trees are writable by
# `*`, so review this setting before reusing the file outside a demo.
authz-policy any
# Database serving suffix "dc=example.com". No `access` lines follow this
# `database` directive, so only the global access rules in this file apply.
# NOTE(review): the ldbm backend was removed in OpenLDAP 2.4; a server that
# still accepts this section is running an old, unmaintained slapd release.
database ldbm
suffix "dc=example.com"
# The rootdn is not subject to access rules.
rootdn "cn=Manager,dc=example.com"
# slapd reads a rootpw value without a {SCHEME} prefix as a cleartext password,
# so unless deployment rewrites this line the literal string below is a working
# credential for the rootdn. Prefer a slappasswd-generated hash, or drop rootpw
# and let the rootdn authenticate through a regular entry or SASL.
rootpw NotAllowed
directory /var/lib/ldap/base-example.com
# Backend storage and tuning settings.
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Database serving suffix "dc=example,dc=com". It carries no ACLs of its own,
# so the global access rules in this file decide who can read and write it.
# NOTE(review): ldbm was removed in OpenLDAP 2.4, so this section only loads on
# an outdated slapd.
database ldbm
suffix "dc=example,dc=com"
# The rootdn bypasses access control for this database.
rootdn "cn=Manager,dc=example,dc=com"
# A value with no {SCHEME} prefix is taken as a cleartext password; as written,
# "NotAllowed" is the password rather than a lockout. Store a hash produced by
# slappasswd instead, or remove the line.
rootpw NotAllowed
directory /var/lib/ldap/base-example-com
# Backend storage and tuning settings.
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Database serving suffix "o=Simpsons"; access is governed by the global rules
# in this file (userPassword rule first, then the o=Simpsons subtree rule).
# NOTE(review): ldbm was removed in OpenLDAP 2.4, so this section only loads on
# an outdated slapd.
database ldbm
suffix "o=Simpsons"
# The rootdn bypasses access control for this database.
rootdn "cn=Manager,o=Simpsons"
# Without a {SCHEME} prefix this is a cleartext password, so the literal string
# is a usable rootdn credential unless it is replaced at deployment. Use a
# slappasswd hash or remove the line.
rootpw NotAllowed
directory /var/lib/ldap/base-simpsons
# Backend storage and tuning settings.
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Maps a GSSAPI SASL identity (uid=<user>,cn=<realm>,cn=gssapi,cn=auth) to the
# inetOrgPerson entry with the same uid found by a subtree search. The realm is
# captured as $2 but never used, so principals from any realm map by uid alone,
# and `(.*)` can match across commas; `([^,]*)` plus a check on the expected
# realm is tighter. The search base is dc=example.com although the directive
# sits in the o=Simpsons section. NOTE(review): confirm that base is intended.
sasl-regexp uid=(.*),cn=(.*),cn=gssapi,cn=auth
        ldap:///dc=example.com??sub?(&(uid=$1)(objectClass=inetOrgPerson))
# Database serving suffix "o=Flintstones"; access is governed by the global
# o=Flintstones rule in this file, which leaves userPassword readable by `*`.
# NOTE(review): the bdb backend was removed in OpenLDAP 2.5; plan a move to a
# supported backend before reusing this section.
database bdb
suffix "o=Flintstones"
# The rootdn bypasses access control for this database.
rootdn "cn=Manager,o=Flintstones"
# An unprefixed rootpw is a cleartext password, not a disabled account; replace
# it with a slappasswd hash or remove the line.
rootpw NotAllowed
directory /var/lib/ldap/base-flintstones
# Backend storage and tuning settings.
dirtyread
cachesize 2000
checkpoint 32 1
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Monitor backend (cn=Monitor), readable by every client including anonymous.
# It reports live server state such as connections and operation counters,
# which helps reconnaissance; outside a demo, limit read access to an
# administrative DN and give everyone else `none`.
database monitor
access to * by * read
# Configuration backend (cn=config). The rule below lets every client,
# anonymous included, read the whole server configuration, and that includes
# the rootpw values set for the databases in this file. Outside a demo this
# should be `by * none`, with access granted only to the config rootdn or a
# dedicated admin identity.
database config
access to * by * read
rootdn cn=admin,cn=config
# Cleartext and trivially guessable. Anyone who binds as this rootdn can change
# the server configuration, so use a slappasswd-generated hash and a unique
# secret, or remove rootpw and rely on a local administrative bind.
rootpw password