summaryrefslogtreecommitdiffstats
path: root/confskel/openldap/ldap/slapd.defaults
diff options
context:
space:
mode:
authorTimothy Pearson <[email protected]>2012-06-04 02:43:34 -0500
committerTimothy Pearson <[email protected]>2012-06-04 02:43:34 -0500
commitffa65c885b78a8d783f9e8cd51cf7c0b751207f9 (patch)
tree5265da262e38753ddad75c7b9a98fb9119dd9215 /confskel/openldap/ldap/slapd.defaults
parentc39d52d4c9425c45394105bebdd6f2fac29569ee (diff)
downloadkcmldapcontroller-ffa65c885b78a8d783f9e8cd51cf7c0b751207f9.tar.gz
kcmldapcontroller-ffa65c885b78a8d783f9e8cd51cf7c0b751207f9.zip
New realm now functions almost fully
Diffstat (limited to 'confskel/openldap/ldap/slapd.defaults')
-rw-r--r--confskel/openldap/ldap/slapd.defaults64
1 files changed, 42 insertions, 22 deletions
diff --git a/confskel/openldap/ldap/slapd.defaults b/confskel/openldap/ldap/slapd.defaults
index 91ddb31..60ab088 100644
--- a/confskel/openldap/ldap/slapd.defaults
+++ b/confskel/openldap/ldap/slapd.defaults
@@ -1,25 +1,45 @@
-###
-# Enable the daemon.
-###
-START="yes"
-
-###
-# Keytab
-###
-export KRB5_KTNAME=/etc/ldap/ldap.keytab
-
-###
-# Services
-###
+# Default location of the slapd.conf file or slapd.d cn=config directory. If
+# empty, use the compiled-in default (/etc/ldap/slapd.d with a fallback to
+# /etc/ldap/slapd.conf).
+SLAPD_CONF="/etc/ldap/slapd.d"
+
+# System account to run the slapd server under. If empty the server
+# will run as root.
+SLAPD_USER="@@@LDAP_USER_NAME@@@"
+
+# System group to run the slapd server under. If empty the server will
+# run in the primary group of its user.
+SLAPD_GROUP="@@@LDAP_GROUP_NAME@@@"
+
+# Path to the pid file of the slapd server. If not set the init.d script
+# will try to figure it out from $SLAPD_CONF (/etc/ldap/slapd.d by
+# default)
+SLAPD_PIDFILE=
+
+# slapd normally serves ldap only on all TCP-ports 389. slapd can also
+# service requests on TCP-port 636 (ldaps) and requests via unix
+# sockets.
+# Example usage:
+# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"
SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"
-###
-# Additional Options
-# @todo: pass user & group for service.
-###
-SLAPD_OPTIONS=""
+# If SLAPD_NO_START is set, the init script will not start or restart
+# slapd (but stop will still work). Uncomment this if you are
+# starting slapd via some other means or if you don't want slapd normally
+# started at boot.
+#SLAPD_NO_START=1
-###
-# SLAPD Configuration
-###
-SLAPD_CONF="/etc/ldap/slapd.d"
+# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists,
+# the init script will not start or restart slapd (but stop will still
+# work). Use this for temporarily disabling startup of slapd (when doing
+# maintenance, for example, or through a configuration management system)
+# when you don't want to edit a configuration file.
+SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
+
+# For Kerberos authentication (via SASL), slapd by default uses the system
+# keytab file (/etc/krb5.keytab). To use a different keytab file,
+# uncomment this line and change the path.
+export KRB5_KTNAME=@@@LDAP_KEYTAB_FILE@@@
+
+# Additional options to pass to slapd
+SLAPD_OPTIONS=""