# Configuration template for slapd. See slapd.conf(5) for more details. # # Revision 1.0 # # author: Alessandro Dotti Contra # ####################################################################### # # GLOBAL DIRECTIVES # ####################################################################### # Where the pid file is put. # pidfile /var/run/slapd/slapd.pid # List of arguments that were passed to the server # argsfile /var/run/slapd/slapd.args # Where the dynamically loaded modules are stored # modulepath /usr/lib/ldap moduleload back_bdb # Actual amount of cpu's that is used for indexing # tool-threads 1 # Number of seconds to wait before closing an idle client connection. # 0 disables this feature # idletimeout 0 # Log high priority messages only (no debugging info) # loglevel 0 # The maximum number of entries to return from a search operation # sizelimit 500 # The maximun number of seconds slapd spend answering a search before # returning an exceeded timelimit error # timelimit 3600 # Schema and objectClass definitions # include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema ####################################################################### # # ACCESS CONTROL # ####################################################################### # The userPassword can be changed by the entry owning it, but only if # it is authenticated, and by the admin. # access to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=nowhere,dc=local" write by anonymous auth by self write by * none # Ensure read access to the base for things like # supportedSASLMechanisms. Without this you may # have problems with SASL not knowing what # mechanisms are available and the like. # [taken from the debian default slap.conf] # access to dn.base="" by * read # admin has full write access, everyone else # can read everything. # access to * by dn="cn=admin,dc=nowhere,dc=local" write by * read ####################################################################### # # GENERAL BACKEND DIRECTIVES # ####################################################################### # Backend type # backend bdb ####################################################################### # # GENERAL DATABASE DIRECTIVES (there can be more than one) # ####################################################################### # Beginning of the database instance declaration # database bdb # Read-only flag for database # readonly off # Where the database files are physically stored # directory "/var/lib/ldap" # The base of the directory in the database # suffix "dc=nowhere,dc=local" # Superuser on the database # #rootdn "cn=admin,dc=nowhere,dc=local" # Indexing options # index objectClass eq # Save the time that the entry gets modified # lastmod on # ----------------------------------------------------------------------- # bdb/hdb specific configuration parameters. The dbconfig directive # places the values in the DB_CONFIG configuration file. # See slapd-bdb(5) for more details. # ----------------------------------------------------------------------- # Specify the size in entries of the in-memory entry cache maintained by # the bdb or hdb backend database instance # dbconfig set_cachesize 0 2097152 0 # Number of objects that can be locked at the same time # dbconfig set_lk_max_objects 1500 # Number of locks (both requested and granted) # dbconfig set_lk_max_locks 1500 # Number of lockers # dbconfig set_lk_max_lockers 1500