dkluenter
@@ Provider slapd.conf
# Global section of the provider: schema files, runtime files, logging, modules.
# ppolicy.schema is loaded, but no "overlay ppolicy" appears in the sections
# shown, so the password-policy attributes are defined without being enforced.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/ppolicy.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# NOTE(review): loglevel 0 turns slapd logging off completely; even the
# high-priority messages emitted at level "none" are dropped. Binds and failed
# operations then leave no trace outside the accesslog database (writes only).
# "loglevel stats" is the usual minimum when connection and operation records
# are wanted for audit or incident response.
loglevel 0
modulepath /usr/lib/openldap/modules
# Only accesslog is loaded as a module; back-hdb and syncprov, both used below,
# are presumably compiled into this slapd build -- confirm.
moduleload accesslog.la
# Server-side TLS material: CA bundle, server certificate and private key.
# The key file should be readable by the slapd account only.
TLSCACertificateFile /etc/openldap/certs/avciCA.pem
TLSCertificateFile /etc/openldap/certs/rubin.pem
TLSCertificateKeyFile /etc/openldap/certs/rubin-key.pem
# NOTE(review): this is a cipher-suite selection string, not a protocol floor.
# "TLSv1" adds suites by the protocol version that introduced them; it does not
# stop older or newer protocol versions from being negotiated. Depending on the
# TLS library version, "HIGH" can also admit anonymous (unauthenticated) suites
# unless they are excluded explicitly (e.g. "HIGH:!aNULL"). The protocol floor
# is set separately with TLSProtocolMin, which is absent here.
TLSCipherSuite HIGH:TLSv1
# "try": a client certificate is requested; a session without one proceeds,
# a session presenting an invalid one is terminated. Nothing in this file
# forces clients to use TLS at all -- no "security" directive is visible; the
# included ACL file (not shown) may or may not impose ssf requirements.
TLSVerifyClient try
# Global access control lives in a separate file that is not part of this
# listing; everything said below about who can read what depends on it.
include /etc/openldap/dkluenter.acl
# NOTE(review): -1 removes the cap on entries returned per search for every
# client, authenticated or not. A finite global limit plus a per-identity
# "limits" rule for the replication DN is the narrower way to get the same
# effect for replication only.
sizelimit -1
# NOTE(review): password-hash selects the scheme applied when a password is
# set through the Password Modify extended operation. {CLEARTEXT} stores
# userPassword unhashed, so anyone with read access to the attribute, a backup,
# the database files or a replica obtains usable passwords. The accesslog
# overlay configured further down records write operations, so the unhashed
# values presumably also end up in cn=log -- verify. If no SASL mechanism that
# needs the plaintext secret (e.g. DIGEST-MD5) is in use, a salted scheme such
# as {SSHA} is the safer setting.
password-hash {CLEARTEXT}
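# SASL identity mapping. Each authz-regexp takes a match pattern and a
# replacement; both replacements here sit on continuation lines, and slapd.conf
# only treats a line as a continuation when it begins with whitespace, so the
# continuation lines are indented.
#
# Rule 1: an identity of the form uid=<name>,cn=<...>,cn=auth is resolved by a
# subtree search for uid=<name> below dc=dkluenter,dc=de.
# NOTE(review): "(.*)" and "cn=.*" are greedy and also match commas, so for an
# identity that carries an extra realm component $1 can capture more than the
# user name. The OpenLDAP admin guide writes these patterns with "[^,]*"
# (uid=([^,]*),cn=[^,]*,cn=auth). The pattern is left as the author wrote it.
authz-regexp uid=(.*),cn=.*,cn=auth
  ldap:///dc=dkluenter,dc=de??sub?uid=$1
# Rule 2: the identity slapd assigns to a local peer with uid 0 and gid 0 that
# authenticates with SASL EXTERNAL over ldapi:// is mapped to cn=config. Local
# root therefore acts as the config-database rootdn without a password; who
# can reach the ldapi socket is controlled by its filesystem permissions.
authz-regexp
  gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth
  cn=config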
# Configuration backend (cn=config). Its rootdn can change every setting of the
# running server, including ACLs and loaded modules.
database config
rootdn cn=config
# The value is redacted in this listing. rootpw accepts a hashed value (as
# produced by slappasswd) as well as plain text; a plain-text value makes read
# access to this file equivalent to full control of the server.
# NOTE(review): local root is already mapped to cn=config by the peercred
# authz-regexp above, so a password for this DN may not be needed at all.
rootpw xxxxxx
# Subordinate database for ou=hamburg. "subordinate" glues it under the
# database that holds dc=dkluenter,dc=de; "advertise" additionally publishes
# this suffix in the root DSE.
database hdb
suffix "ou=hamburg,dc=dkluenter,dc=de"
subordinate advertise
# Same rootdn as the superior database; no rootpw is set in this section.
rootdn "cn=admin,dc=dkluenter,dc=de"
directory /var/lib/ldap/data/hamburg-data
# Checkpoint after 4096 KB written or 5 minutes.
checkpoint 4096 5
index default pres,eq
index objectclass eq
index mail sub,eq
# uid is indexed here; the authz-regexp mapping at the top of the file searches
# on uid for every SASL bind, so this index is on the authentication path.
index sn,uid sub,eq
index cn sub,eq
# No index type given: falls back to "index default" (pres,eq) set above.
index entryCSN,entryUUID
cachesize 5000
idlcachesize 15000
# 65 MiB Berkeley DB cache, transaction logs kept in a separate directory.
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/hamburg
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted as soon as BDB no longer needs them, so they
# cannot be replayed onto an older backup; recovery depends on regular exports.
dbconfig set_flags DB_LOG_AUTOREMOVE
# Makes this database usable as a replication provider.
overlay syncprov
syncprov-checkpoint 100 10
# Subordinate database for ou=bremen, glued under dc=dkluenter,dc=de and
# advertised in the root DSE.
database hdb
suffix "ou=bremen,dc=dkluenter,dc=de"
subordinate advertise
# Same rootdn as the superior database; no rootpw is set in this section.
rootdn "cn=admin,dc=dkluenter,dc=de"
directory /var/lib/ldap/data/bremen-data
# Checkpoint after 4096 KB written or 5 minutes.
checkpoint 4096 5
cachesize 5000
# NOTE(review): 1500 here versus 15000 in the ou=hamburg section -- confirm
# that the difference is intended.
idlcachesize 1500
# This section sets no "index default", so every index line names its types.
index objectclass eq
index sn,cn,mail eq,sub
# uid is on the SASL identity-mapping search path (authz-regexp above).
index uid sub,eq
index entryCSN,entryUUID eq
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/bremen
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them; recovery then
# depends on regular exports rather than log replay.
dbconfig set_flags DB_LOG_AUTOREMOVE
# Makes this database usable as a replication provider.
overlay syncprov
syncprov-checkpoint 100 10
# Superior database for dc=dkluenter,dc=de. The two subordinate databases above
# are glued into it, and writes are recorded in cn=log for delta replication.
database hdb
suffix "dc=dkluenter,dc=de"
rootdn "cn=admin,dc=dkluenter,dc=de"
# Redacted in this listing; the same considerations as for the cn=config
# rootpw apply (a hashed value is accepted, the file must not be world-readable).
rootpw xxxxx
# NOTE(review): checkpoint, cachesize and idlcachesize are each given twice in
# this section (here and again after "directory") with different values.
# Confirm which value slapd keeps, or whether it rejects the duplicate, and
# remove one set.
checkpoint 1024 5
cachesize 2000
idlcachesize 6000
directory /var/lib/ldap/data/main-data
checkpoint 4096 5
cachesize 5000
idlcachesize 1500
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/main
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them; recovery then
# depends on regular exports rather than log replay.
dbconfig set_flags DB_LOG_AUTOREMOVE
index objectClass eq
index default pres,eq
# No index type given: uses the default (pres,eq) from the line above.
index mail,telephoneNumber
index cn,sn,uid eq,sub
index entryUUID,entryCSN eq
overlay glue
# Every write operation against this database is recorded under cn=log.
# NOTE(review): the records carry the modified attribute values. With
# password-hash {CLEARTEXT} in the global section, password changes are
# presumably stored there unhashed as well, which makes read access to cn=log
# as sensitive as read access to userPassword -- verify.
overlay accesslog
logdb "cn=log"
logops writes
# Records older than 3 days are purged; the purge runs once a day.
logpurge 3+00:00 1+00:00
overlay syncprov
syncprov-checkpoint 100 10
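# Access-log database (cn=log). It receives the write records produced by the
# accesslog overlay on dc=dkluenter,dc=de and is what delta-syncrepl consumers
# read.
database hdb
suffix "cn=log"
directory /var/lib/ldap/data/log-data
# No rootpw is set in this section.
rootdn "cn=log"
checkpoint 10240 5
# Database-specific ACL: only the replication identity may read the log.
# The "by" clause is a continuation of the "access to" line and is indented,
# because slapd.conf only treats lines that begin with whitespace as
# continuations. Identities not listed fall through to the implicit
# "by * none", unless a global rule from the included ACL file (not shown)
# matches -- check that file.
# NOTE(review): the log holds the full values of every recorded modification,
# so the replicator credential is effectively a read credential for every
# attribute that gets written, passwords included.
access to dn.subtree="cn=log"
  by dn="cn=Replicator,ou=Administrative,dc=dkluenter,dc=de" read
# 350 MiB Berkeley DB cache for the log database.
dbconfig set_cachesize 0 367001600 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/log
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them.
dbconfig set_flags DB_LOG_AUTOREMOVE
index objectClass eq
# Attributes that delta-syncrepl consumers filter and order on.
index reqStart,entryCSN,reqEnd,reqResult eq
# syncprov on the log database itself, so that consumers can follow it.
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 10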
# Monitor backend (cn=Monitor): exposes connection, operation and thread
# statistics of the running server.
# NOTE(review): the database-specific rule below is commented out, so access to
# cn=Monitor is decided by the global rules in the included ACL file, which is
# not shown. Confirm that those rules do not leave it readable anonymously; if
# the rule is re-enabled, "by * read" would do exactly that.
database monitor
## access to dn.subtree="cn=Monitor" by * read
# EOF
@@ Consumer slapd.conf
# Global section of the consumer. This instance lives entirely below
# /home/dieter, so the protection of schema, configuration, key and database
# files is whatever the permissions of that home directory provide.
# ppolicy.schema is loaded, but no "overlay ppolicy" appears in the sections
# shown, so the password-policy attributes are defined without being enforced.
include /home/dieter/openldap/etc/openldap/schema/core.schema
include /home/dieter/openldap/etc/openldap/schema/cosine.schema
include /home/dieter/openldap/etc/openldap/schema/inetorgperson.schema
include /home/dieter/openldap/etc/openldap/schema/nis.schema
include /home/dieter/openldap/etc/openldap/schema/dyngroup.schema
include /home/dieter/openldap/etc/openldap/schema/ppolicy.schema
pidfile /home/dieter/openldap/var/run/slapd.pid
argsfile /home/dieter/openldap/var/run/slapd.args
# NOTE(review): loglevel 0 turns slapd logging off completely, including the
# high-priority messages of level "none". Replication failures and failed binds
# on this consumer then go unrecorded; "loglevel stats sync" would capture both.
loglevel 0
modulepath /home/dieter/openldap/libexec/openldap
# Both modules are loaded, but neither "overlay accesslog" nor
# "overlay syncprov" is instantiated in the consumer sections shown.
moduleload accesslog.la
moduleload syncprov.la
# TLS material for the consumer. The private key sits in a user home directory;
# it should be readable only by the account slapd runs as.
TLSCACertificateFile /home/dieter/certs/avciCA.pem
TLSCertificateFile /home/dieter/certs/magenta.pem
TLSCertificateKeyFile /home/dieter/certs/magenta-key.pem
# NOTE(review): this is a cipher-suite selection string, not a protocol floor.
# "TLSv1" adds suites by the protocol version that introduced them. Depending
# on the TLS library version, "HIGH" can also admit anonymous suites unless
# they are excluded explicitly (e.g. "HIGH:!aNULL"). The protocol floor is set
# separately with TLSProtocolMin, which is absent here.
TLSCipherSuite HIGH:TLSv1
# "try": a client certificate is requested; a session without one proceeds,
# a session presenting an invalid one is terminated. No "security" directive
# in this file requires TLS before a simple bind.
TLSVerifyClient try
# NOTE(review): {CLEARTEXT} makes Password Modify store userPassword unhashed.
# On a consumer, writes are normally referred to the provider, so this setting
# mostly documents what the replicated data looks like: the provider uses the
# same scheme, and the unhashed values are copied into the databases below.
# If no SASL mechanism that needs the plaintext secret is in use, a salted
# scheme such as {SSHA} is the safer setting on both servers.
password-hash {CLEARTEXT}
# Global access control lives in a separate file that is not part of this
# listing. The replica holds the same sensitive attributes as the provider, so
# its rules need to be at least as strict.
include /home/dieter/openldap/etc/openldap/dkluenter.acl
# NOTE(review): -1 removes the cap on entries returned per search for every
# client of this replica, authenticated or not.
sizelimit -1
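# SASL identity mapping. Each authz-regexp takes a match pattern and a
# replacement; both replacements here sit on continuation lines, and slapd.conf
# only treats a line as a continuation when it begins with whitespace, so the
# continuation lines are indented.
#
# Rule 1: an identity of the form uid=<name>,cn=<...>,cn=auth is resolved by a
# subtree search for uid=<name> below dc=dkluenter,dc=de.
# NOTE(review): "(.*)" and "cn=.*" are greedy and also match commas, so for an
# identity that carries an extra realm component $1 can capture more than the
# user name. The OpenLDAP admin guide writes these patterns with "[^,]*"
# (uid=([^,]*),cn=[^,]*,cn=auth). The pattern is left as the author wrote it.
authz-regexp uid=(.*),cn=.*,cn=auth
  ldap:///dc=dkluenter,dc=de??sub?uid=$1
# Rule 2: the identity slapd assigns to a local peer with uid 0 and gid 0 that
# authenticates with SASL EXTERNAL over ldapi:// is mapped to cn=config, i.e.
# local root acts as the config-database rootdn without a password.
authz-regexp
  gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth
  cn=config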
# Configuration backend (cn=config) of the consumer. Its rootdn can change
# every setting of the running server, including ACLs and loaded modules.
database config
rootdn cn=config
# Redacted in this listing. rootpw accepts a hashed value (as produced by
# slappasswd) as well as plain text; with a plain-text value, read access to
# this file -- stored under a user home directory -- is full control of slapd.
rootpw xxxxx
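# Consumer copy of ou=hamburg, glued under dc=dkluenter,dc=de and kept current
# by delta-syncrepl from the provider's access log.
database hdb
suffix "ou=hamburg,dc=dkluenter,dc=de"
subordinate advertise
# Same rootdn as the superior database; no rootpw is set in this section.
rootdn "cn=admin,dc=dkluenter,dc=de"
directory /home/dieter/openldap/var/hamburg-data
# Checkpoint after 4096 KB written or 5 minutes.
checkpoint 4096 5
index default pres,eq
index objectclass eq
index mail sub,eq
# NOTE(review): unlike the provider, uid is not indexed here, although the
# authz-regexp mapping at the top of this file searches on uid for every SASL
# bind. That search is presumably unindexed in this database -- verify.
index cn,sn sub,eq
# No index type given: falls back to "index default" (pres,eq) set above.
index entryCSN,entryUUID
cachesize 5000
idlcachesize 15000
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/hamburg
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them.
dbconfig set_flags DB_LOG_AUTOREMOVE
# Replication agreement. All parameters after "syncrepl rid=42" belong to the
# same directive and are indented, because slapd.conf only treats lines that
# begin with whitespace as continuations.
# NOTE(review): the provider URL is plain ldap:// and no starttls= parameter is
# given, so the simple bind sends the replicator password unencrypted and the
# replicated entries (userPassword included, stored as {CLEARTEXT} on the
# provider) cross the network in the clear. Both servers already have
# certificates configured; adding starttls=critical, or using an ldaps://
# provider URL, would protect the bind and the data. bindmethod=sasl with
# saslmech=EXTERNAL and the consumer certificate would also remove the
# password from this file.
# NOTE(review): the credential is stored in plain text in this file.
# retry="5 5 300 5": five attempts 5 s apart, then five attempts 300 s apart,
# then the consumer stops retrying. With loglevel 0 a stalled replica is easy
# to miss; a final count of "+" retries indefinitely.
# logbase/logfilter/syncdata select delta-syncrepl: only successful write
# records (reqResult=0) are read from cn=log on the provider.
syncrepl rid=42
  provider=ldap://rubin.avci.de
  sizelimit=unlimited
  bindmethod=simple
  binddn=cn=replicator,ou=Administrative,dc=dkluenter,dc=de
  credentials=xxxx
  searchbase="ou=hamburg,dc=dkluenter,dc=de"
  scope=sub
  type=refreshAndPersist
  retry="5 5 300 5"
  logbase="cn=log"
  logfilter=(&(objectClass=auditWriteObject)(reqResult=0))
  syncdata=accesslog
# Referral handed to clients that try to write to this replica. It is an
# ldap:// URL, so a client following it talks to the provider without TLS
# unless it issues StartTLS itself.
updateref ldap://rubin.avci.de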
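# Consumer copy of ou=bremen, glued under dc=dkluenter,dc=de and kept current
# by delta-syncrepl from the provider's access log.
database hdb
suffix "ou=bremen,dc=dkluenter,dc=de"
subordinate advertise
# Same rootdn as the superior database; no rootpw is set in this section.
rootdn "cn=admin,dc=dkluenter,dc=de"
directory /home/dieter/openldap/var/bremen-data
# Checkpoint after 4096 KB written or 5 minutes.
checkpoint 4096 5
cachesize 5000
idlcachesize 1500
# This section sets no "index default", so every index line names its types.
# NOTE(review): uid is not indexed here (the provider indexes it), although the
# authz-regexp mapping at the top of this file searches on uid for every SASL
# bind -- verify whether that search runs unindexed in this database.
index objectclass eq
index sn,cn,mail eq,sub
index entryCSN,entryUUID eq
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/bremen
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them.
dbconfig set_flags DB_LOG_AUTOREMOVE
# Replication agreement. All parameters after "syncrepl rid=99" belong to the
# same directive and are indented, because slapd.conf only treats lines that
# begin with whitespace as continuations.
# NOTE(review): the provider URL is plain ldap:// and no starttls= parameter is
# given, so the simple bind sends the replicator password unencrypted and the
# replicated entries (userPassword included, stored as {CLEARTEXT} on the
# provider) cross the network in the clear. Adding starttls=critical, or using
# an ldaps:// provider URL, would protect both; bindmethod=sasl with
# saslmech=EXTERNAL would also remove the password from this file.
# NOTE(review): the credential is stored in plain text in this file.
# retry="5 5 300 5": five attempts 5 s apart, then five attempts 300 s apart,
# then the consumer stops retrying; a final count of "+" retries indefinitely.
# logbase/logfilter/syncdata select delta-syncrepl: only successful write
# records (reqResult=0) are read from cn=log on the provider.
syncrepl rid=99
  provider=ldap://rubin.avci.de
  sizelimit=unlimited
  bindmethod=simple
  binddn=cn=replicator,ou=Administrative,dc=dkluenter,dc=de
  credentials=xxxxx
  searchbase="ou=bremen,dc=dkluenter,dc=de"
  scope=sub
  type=refreshAndPersist
  retry="5 5 300 5"
  logbase="cn=log"
  logfilter=(&(objectClass=auditWriteObject)(reqResult=0))
  syncdata=accesslog
# Referral handed to clients that try to write to this replica. It is an
# ldap:// URL, so a client following it talks to the provider without TLS
# unless it issues StartTLS itself.
updateref ldap://rubin.avci.de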
# Superior database for dc=dkluenter,dc=de on the consumer; the two replicated
# subordinate databases are glued into it.
# NOTE(review): this section has no syncrepl statement and no updateref, so the
# entries directly under dc=dkluenter,dc=de are maintained locally and writes
# to them are accepted here rather than referred to the provider -- confirm
# that this is intended.
database hdb
suffix "dc=dkluenter,dc=de"
rootdn "cn=admin,dc=dkluenter,dc=de"
# Redacted in this listing; a hashed value is accepted, and the file must not
# be readable by other local users.
rootpw xxxxx
# NOTE(review): checkpoint, cachesize and idlcachesize are each given twice in
# this section (here and again after "directory") with different values.
# Confirm which value slapd keeps, or whether it rejects the duplicate, and
# remove one set.
checkpoint 1024 5
cachesize 2000
idlcachesize 6000
directory /home/dieter/openldap/var/hdk-data
checkpoint 4096 5
cachesize 5000
idlcachesize 1500
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/hdk
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Transaction logs are deleted once BDB no longer needs them.
dbconfig set_flags DB_LOG_AUTOREMOVE
index objectClass eq
index default pres,eq
# No index type given: uses the default (pres,eq) from the line above.
index mail,telephoneNumber
index cn,sn,uid eq,sub
index entryUUID,entryCSN eq
overlay glue
# Monitor backend (cn=Monitor): exposes connection, operation and thread
# statistics of the running server.
# NOTE(review): the database-specific rule below is commented out, so access to
# cn=Monitor is decided by the global rules in the included ACL file, which is
# not shown. Confirm that those rules do not leave it readable anonymously; if
# the rule is re-enabled, "by * read" would do exactly that.
database monitor
# access to dn.subtree="cn=Monitor" by * read
# EOF

