Generate Multi-Master Replication configuration for OpenLDAP

[tprouty/samba.git] / source / setup / slapd.conf

diff --git a/source/setup/slapd.conf b/source/setup/slapd.conf
index b1ce6f6492e189a8a1c8c975bc0d53b80a80d2ed..be68ec258850d8912f521e882c540e8ce18a64e7 100644 (file)
--- a/source/setup/slapd.conf
+++ b/source/setup/slapd.conf
@@ -1,5 +1,10 @@
 loglevel 0
 
+### Multimaster-ServerIDs and URLs ###
+
+${MMR_SERVERIDS_CONFIG}
+
+
 include ${LDAPDIR}/backend-schema.schema
 
 pidfile                ${LDAPDIR}/slapd.pid
@@ -32,7 +37,8 @@ access to dn.subtree="cn=samba"
 
 access to dn.subtree="${DOMAINDN}"
        by dn=cn=samba-admin,cn=samba manage
-       by * read
+       by dn=cn=manager manage
+       by * none
 
 password-hash   {CLEARTEXT}
 
@@ -40,15 +46,23 @@ include ${LDAPDIR}/modules.conf
 
 defaultsearchbase ${DOMAINDN}
 
+rootdn cn=Manager
+
+${REFINT_CONFIG}
+
 ${MEMBEROF_CONFIG}
 
 database       ldif
 suffix         cn=Samba
 directory       ${LDAPDIR}/db/samba
+rootdn          cn=Manager,cn=Samba
 
-
+########################################
+### cn=schema ###
 database        hdb
 suffix         ${SCHEMADN}
+rootdn          cn=Manager,${SCHEMADN}
+rootpw         linux
 directory      ${LDAPDIR}/db/schema
 index           objectClass eq
 index           samAccountName eq
@@ -57,15 +71,25 @@ index objectCategory eq
 index lDAPDisplayName eq
 index subClassOf eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+
 
+### Multimaster-Replication of cn=schema Subcontext ###
+${MMR_SYNCREPL_SCHEMA_CONFIG}
+${MIRRORMODE}
+
+#########################################
+### cn=config ###
 database        hdb
 suffix         ${CONFIGDN}
+rootdn          cn=Manager,${CONFIGDN}
+rootpw         linux
 directory      ${LDAPDIR}/db/config
 index           objectClass eq
 index           samAccountName eq
@@ -77,15 +101,24 @@ index subClassOf eq
 index dnsRoot eq
 index nETBIOSName eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+
+### Multimaster-Replication of cn=config Subcontext ###
+${MMR_SYNCREPL_CONFIG_CONFIG}
+${MIRRORMODE}
 
+########################################
+### cn=users /base-dn  ###
 database        hdb
 suffix         ${DOMAINDN}
+rootdn          cn=Manager,${DOMAINDN}
+rootpw         linux
 directory      ${LDAPDIR}/db/user
 index           objectClass eq
 index           samAccountName eq
@@ -101,10 +134,14 @@ index subClassOf eq
 index dnsRoot eq
 index nETBIOSName eq
 index cn eq
+index entryUUID,entryCSN eq
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We only need this for the contextCSN attribute anyway....
 overlay syncprov
-syncprov-checkpoint 100 10
 syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
 
+### Multimaster-Replication of cn=user/base-dn context ###
+${MMR_SYNCREPL_USER_CONFIG}
+${MIRRORMODE}