diff options
Diffstat (limited to 'confskel/openldap/ldif/olcDatabase.ldif')
| -rw-r--r-- | confskel/openldap/ldif/olcDatabase.ldif | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/confskel/openldap/ldif/olcDatabase.ldif b/confskel/openldap/ldif/olcDatabase.ldif index ff350b6..db82473 100644 --- a/confskel/openldap/ldif/olcDatabase.ldif +++ b/confskel/openldap/ldif/olcDatabase.ldif @@ -4,17 +4,29 @@ objectClass: olcHdbConfig olcDatabase: {@@@LDIFSCHEMANUMBER@@@}hdb olcDbDirectory: /var/lib/ldap olcSuffix: @@@REALM_DCNAME@@@ -olcAccess: {0}to attrs=userPassword,shadowLastChange,krb5Key,krb5PrincipalName,krb5KeyVersionNumber,krb5MaxLife,krb5MaxRenew,krb5KDCFlags by self write by anonymous auth by dn="cn=@@@ROOTUSER@@@,@@@REALM_DCNAME@@@" write by * none -olcAccess: {1}to dn.base="" by * read -olcAccess: {2}to * by self write by dn="cn=@@@ROOTUSER@@@,@@@REALM_DCNAME@@@" write by * read +olcAccess: {0}to attrs=userPassword,shadowLastChange,krb5Key,krb5PrincipalName + ,krb5KeyVersionNumber,krb5MaxLife,krb5MaxRenew,krb5KDCFlags by dn.base="uid= + @@@ADMINUSER@@@,ou=users,ou=core,ou=realm,@@@REALM_DCNAME@@@" write by sock + url.regex="^ldapi:///$" write by anonymous auth by self write by * none +olcAccess: {1}to dn.base="" by * read +olcAccess: {2}to * by dn.base="uid=@@@ADMINUSER@@@,ou=users,ou=core,ou=realm + ,@@@REALM_DCNAME@@@" write by sockurl.regex="^ldapi:///$" write by dynacl/ac + i write +olcAddContentAcl: FALSE olcLastMod: TRUE +olcMaxDerefDepth: 15 +olcReadOnly: FALSE olcRootDN: cn=@@@ROOTUSER@@@,@@@REALM_DCNAME@@@ olcRootPW: {SHA}@@@ROOTPW_SHA@@@ +olcMonitoring: TRUE +olcDbCacheSize: 1000 olcDbCheckpoint: 512 30 -olcDbConfig: {0}set_cachesize 0 2097152 0 -olcDbConfig: {1}set_lk_max_objects 1500 -olcDbConfig: {2}set_lk_max_locks 1500 -olcDbConfig: {3}set_lk_max_lockers 1500 +olcDbConfig: {0}set_cachesize 0 67108864 1 +olcDbConfig: {1}set_lg_regionmax 262144 +olcDbConfig: {2}set_lg_bsize 2097152 +olcDbNoSync: FALSE +olcDbDirtyRead: FALSE +olcDbIDLcacheSize: 0 olcDbIndex: objectClass eq olcDbIndex: krb5PrincipalName eq,pres olcDbIndex: cn eq,pres,subinitial @@ -22,6 +34,12 @@ olcDbIndex: mail eq,pres olcDbIndex: uid pres,eq olcDbIndex: uidNumber eq olcDbIndex: gidNumber eq +olcDbLinearIndex: FALSE +olcDbMode: 0600 +olcDbSearchStack: 16 +olcDbShmKey: 0 +olcDbCacheFree: 1 +olcDbDNcacheSize: 0 structuralObjectClass: olcHdbConfig creatorsName: cn=config createTimestamp: @@@TIMESTAMP@@@Z |