mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-27 03:20:22 +08:00
72 lines
2.4 KiB
Plaintext
72 lines
2.4 KiB
Plaintext
|
# provider slapd config -- for testing
|
||
|
# $OpenLDAP$
|
||
|
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
||
|
##
|
||
|
## Copyright 1998-2021 The OpenLDAP Foundation.
|
||
|
## All rights reserved.
|
||
|
##
|
||
|
## Redistribution and use in source and binary forms, with or without
|
||
|
## modification, are permitted only as authorized by the OpenLDAP
|
||
|
## Public License.
|
||
|
##
|
||
|
## A copy of this license is available in the file LICENSE in the
|
||
|
## top-level directory of the distribution or, alternatively, at
|
||
|
## <http://www.OpenLDAP.org/license.html>.
|
||
|
|
||
|
include @SCHEMADIR@/core.schema
|
||
|
include @SCHEMADIR@/cosine.schema
|
||
|
include @SCHEMADIR@/inetorgperson.schema
|
||
|
include @SCHEMADIR@/openldap.schema
|
||
|
include @SCHEMADIR@/nis.schema
|
||
|
pidfile @TESTDIR@/slapd.m.pid
|
||
|
argsfile @TESTDIR@/slapd.m.args
|
||
|
|
||
|
#######################################################################
|
||
|
# database definitions
|
||
|
#######################################################################
|
||
|
|
||
|
#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays
|
||
|
#mod#moduleload back_@BACKEND@.la
|
||
|
#ldapmod#modulepath ../servers/slapd/back-ldap/
|
||
|
#ldapmod#moduleload back_ldap.la
|
||
|
#rwmmod#modulepath ../servers/slapd/overlays/
|
||
|
#rwmmod#moduleload rwm.la
|
||
|
#monitormod#modulepath ../servers/slapd/back-monitor/
|
||
|
#monitormod#moduleload back_monitor.la
|
||
|
|
||
|
# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com"
|
||
|
database @BACKEND@
|
||
|
suffix "dc=local,dc=com"
|
||
|
rootdn "cn=Manager,dc=local,dc=com"
|
||
|
rootpw "secret"
|
||
|
#~null~#directory @TESTDIR@/db.2.a
|
||
|
|
||
|
|
||
|
# Configure proxy
|
||
|
# - normal user binds to "*,dc=example,dc=com" are proxied through to the remote slapd
|
||
|
# - admin bind to local "cn=Manager,dc=local,dc=com" is overwritten by using idassert-bind
|
||
|
database ldap
|
||
|
uri "@URI1@"
|
||
|
suffix "dc=idle-timeout,dc=example,dc=com"
|
||
|
idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret"
|
||
|
idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com"
|
||
|
rebind-as-user yes
|
||
|
monitoring on
|
||
|
idle-timeout @TIMEOUT@
|
||
|
overlay rwm
|
||
|
rwm-suffixmassage "dc=idle-timeout,dc=example,dc=com" "ou=People,dc=example,dc=com"
|
||
|
|
||
|
database ldap
|
||
|
uri "@URI1@"
|
||
|
suffix "dc=conn-ttl,dc=example,dc=com"
|
||
|
idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret"
|
||
|
idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com"
|
||
|
rebind-as-user yes
|
||
|
monitoring on
|
||
|
conn-ttl @TIMEOUT@
|
||
|
overlay rwm
|
||
|
rwm-suffixmassage "dc=conn-ttl,dc=example,dc=com" "ou=People,dc=example,dc=com"
|
||
|
|
||
|
database monitor
|
||
|
|