# slapd.conf template for an OpenLDAP backend serving Samba directory data.
# The dollar-brace tokens are placeholders; presumably a provisioning step
# substitutes them before slapd reads the file (TODO confirm against the caller).
# Keep comments in front of a directive, never between its indented lines:
# slapd unwraps continuation lines before it strips comments.

# NOTE(review): loglevel 0 turns slapd logging off, so bind failures and ACL
# denials leave no trace. Consider "loglevel stats" where an audit trail is
# needed.
loglevel 0

### needed for initial content load ###
# NOTE(review): set at global scope, so the limit stays lifted after the
# initial load for every client that is allowed to search.
sizelimit unlimited

### Multimaster-ServerIDs and URLs ###

${MMR_SERVERIDS_CONFIG}

include ${LDAPDIR}/backend-schema.schema

pidfile         ${LDAPDIR}/slapd.pid
argsfile        ${LDAPDIR}/slapd.args
sasl-realm ${DNSDOMAIN}

#authz-regexp
#          uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
#          ldap:///${DOMAINDN}??sub?(samAccountName=\$1)

#authz-regexp
#          uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
#          ldap:///${DOMAINDN}??sub?(samAccountName=\$1)

# Map a SASL DIGEST-MD5 identity to the entry directly below cn=samba
# (scope "one") whose cn equals the captured uid. The second capture group
# (the realm component) is matched but not used, so every realm maps to the
# same entry.
authz-regexp
          uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
          ldap:///cn=samba??one?(cn=\$1)

# Same mapping for the NTLM SASL mechanism.
authz-regexp
          uid=([^,]*),cn=([^,]*),cn=ntlm,cn=auth
          ldap:///cn=samba??one?(cn=\$1)

# Root DSE: readable by everyone, including anonymous clients; samba-admin
# gets manage.
access to dn.base=""
       by dn=cn=samba-admin,cn=samba manage
       by anonymous read
       by * read

# Entries under cn=samba can be used for authentication only. No other "by"
# clause follows, so the implicit "by * none" denies reads of these entries
# to everyone, authenticated or not.
access to dn.subtree="cn=samba"
       by anonymous auth

# Domain tree: manage for samba-admin and cn=manager, nothing for anyone else.
# The REPLICATOR_ACL placeholder is fused to the end of the samba-admin clause,
# so its expansion must supply its own line break and "by" clause(s); review
# what it grants, because it sits ahead of the closing "by * none".
access to dn.subtree="${DOMAINDN}"
       by dn=cn=samba-admin,cn=samba manage${REPLICATOR_ACL}
       by dn=cn=manager manage
       by * none

# NOTE(review): {CLEARTEXT} makes slapd store userPassword values set through
# the Password Modify operation unhashed. DIGEST-MD5 needs a recoverable
# secret, which is presumably why it is set here. The database directories,
# their backups and replication traffic then carry usable passwords: restrict
# file permissions on the db directories and protect replication links
# accordingly.
password-hash   {CLEARTEXT}

include ${LDAPDIR}/modules.conf

defaultsearchbase ${DOMAINDN}

# No rootpw appears anywhere in the visible text; how cn=Manager authenticates
# is not shown here (TODO confirm, possibly via one of the placeholders).
rootdn          cn=Manager

overlay deref

${REFINT_CONFIG}

${MEMBEROF_CONFIG}

# cn=Samba holds the entries the authz-regexp rules above map SASL users to.
# The ldif backend keeps entries as LDIF files under the given directory, so
# with the cleartext password-hash above that directory needs tight
# filesystem permissions.
database        ldif
suffix          cn=Samba
directory       ${LDAPDIR}/db/samba
rootdn          cn=Manager,cn=Samba

########################################
## olc - configuration ###
# NOTE(review): these placeholders expand to the online-configuration
# credentials and ACL; check the generated file to see who may change slapd's
# configuration at runtime.
${OLC_CONFIG_PASS}
${OLC_SYNCREPL_CONFIG}
${OLC_MMR_CONFIG}
${OLC_CONFIG_ACL}

########################################
### cn=schema ###
# NOTE(review): the hdb backend was removed in OpenLDAP 2.5; this template
# only works with older slapd builds.
# No access rule above names this suffix explicitly. It is covered only if the
# suffix lies below the domain DN; otherwise the implicit default denies
# access (TODO confirm).
database        hdb
suffix          ${SCHEMADN}
rootdn          cn=Manager,${SCHEMADN}
directory       ${LDAPDIR}/db/schema
index           objectClass eq
index           samAccountName eq
index           name eq
index           objectCategory eq
index           lDAPDisplayName eq
index           subClassOf eq
index           cn eq
index           entryUUID,entryCSN eq

#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
# Session log of 100 operations; contextCSN checkpoint every 100 operations
# or 10 minutes.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10

### Multimaster-Replication of cn=schema Subcontext ###
${MMR_SYNCREPL_SCHEMA_CONFIG}
${MIRRORMODE}

#########################################
### cn=config ###
# Same backend, syncprov and access-rule caveats as the cn=schema database.
database        hdb
suffix          ${CONFIGDN}
rootdn          cn=Manager,${CONFIGDN}
directory       ${LDAPDIR}/db/config
index           objectClass eq
index           samAccountName eq
index           name eq
index           objectSid eq
index           objectCategory eq
index           nCName eq
index           subClassOf eq
index           dnsRoot eq
index           nETBIOSName eq
index           cn eq
index           entryUUID,entryCSN eq

#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10

### Multimaster-Replication of cn=config Subcontext ###
${MMR_SYNCREPL_CONFIG_CONFIG}
${MIRRORMODE}

########################################
### cn=users /base-dn ###
# Domain data. Access is governed by the dn.subtree rule on the domain DN near
# the top of this file.
database        hdb
suffix          ${DOMAINDN}
rootdn          cn=Manager,${DOMAINDN}
directory       ${LDAPDIR}/db/user
index           objectClass eq
index           samAccountName eq
index           name eq
index           objectSid eq
index           objectCategory eq
index           member eq
index           uidNumber eq
index           gidNumber eq
index           nCName eq
index           lDAPDisplayName eq
index           subClassOf eq
index           dnsRoot eq
index           nETBIOSName eq
index           cn eq
index           entryUUID,entryCSN eq

#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
overlay syncprov
syncprov-sessionlog 100
syncprov-checkpoint 100 10

### Multimaster-Replication of cn=user/base-dn context ###
${MMR_SYNCREPL_USER_CONFIG}
${MIRRORMODE}