Untitled Document

Title: dkluenter | Paste from Guest at 2011-03-19 14:12:02 | Syntax: | Hits: 92 | Valid for: Never

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259
@@ Provider slapd.conf
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/ppolicy.schema

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel 0

modulepath      /usr/lib/openldap/modules
moduleload      accesslog.la

TLSCACertificateFile    /etc/openldap/certs/avciCA.pem
TLSCertificateFile      /etc/openldap/certs/rubin.pem
TLSCertificateKeyFile   /etc/openldap/certs/rubin-key.pem
TLSCipherSuite  HIGH:TLSv1
TLSVerifyClient try

include /etc/openldap/dkluenter.acl
sizelimit -1
password-hash {CLEARTEXT}
authz-regexp uid=(.*),cn=.*,cn=auth
        ldap:///dc=dkluenter,dc=de??sub?uid=$1
authz-regexp 
        gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth
        cn=config

database        config
rootdn          cn=config
rootpw          xxxxxx  

database        hdb
suffix          "ou=hamburg,dc=dkluenter,dc=de"
subordinate advertise
rootdn          "cn=admin,dc=dkluenter,dc=de"
directory       /var/lib/ldap/data/hamburg-data 
checkpoint      4096    5
index           default pres,eq
index           objectclass eq
index           mail sub,eq
index           sn,uid sub,eq
index           cn sub,eq
index           entryCSN,entryUUID
cachesize       5000
idlcachesize    15000
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/hamburg
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
overlay syncprov
syncprov-checkpoint 100 10

database        hdb
suffix          "ou=bremen,dc=dkluenter,dc=de"
subordinate advertise
rootdn  "cn=admin,dc=dkluenter,dc=de"
directory       /var/lib/ldap/data/bremen-data
checkpoint      4096 5
cachesize       5000
idlcachesize    1500
index   objectclass eq
index   sn,cn,mail eq,sub
index   uid sub,eq
index   entryCSN,entryUUID eq
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/bremen
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
overlay syncprov
syncprov-checkpoint 100 10

database        hdb
suffix          "dc=dkluenter,dc=de"
rootdn          "cn=admin,dc=dkluenter,dc=de"
rootpw          xxxxx   

checkpoint      1024    5
cachesize       2000
idlcachesize    6000
directory       /var/lib/ldap/data/main-data
checkpoint      4096 5
cachesize       5000
idlcachesize    1500
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/main
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
        
index   objectClass     eq
index default pres,eq
index mail,telephoneNumber
index cn,sn,uid eq,sub
index entryUUID,entryCSN eq
overlay glue
overlay accesslog
logdb "cn=log"
logops writes
logpurge 3+00:00 1+00:00

overlay syncprov
syncprov-checkpoint 100 10

database        hdb
suffix          "cn=log"
directory       /var/lib/ldap/data/log-data
rootdn  "cn=log"
checkpoint      10240 5
access to dn.subtree="cn=log"
        by dn="cn=Replicator,ou=Administrative,dc=dkluenter,dc=de" read
dbconfig set_cachesize 0 367001600 0
dbconfig set_lg_dir /var/lib/ldap/log/bdb/log
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
index   objectClass     eq
index reqStart,entryCSN,reqEnd,reqResult eq
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint     100 10
database        monitor
## access to dn.subtree="cn=Monitor" by * read
# EOF

@@ Consumer slapd.conf
include         /home/dieter/openldap/etc/openldap/schema/core.schema
include         /home/dieter/openldap/etc/openldap/schema/cosine.schema
include         /home/dieter/openldap/etc/openldap/schema/inetorgperson.schema
include         /home/dieter/openldap/etc/openldap/schema/nis.schema
include         /home/dieter/openldap/etc/openldap/schema/dyngroup.schema
include         /home/dieter/openldap/etc/openldap/schema/ppolicy.schema

pidfile         /home/dieter/openldap/var/run/slapd.pid
argsfile        /home/dieter/openldap/var/run/slapd.args
loglevel 0

modulepath      /home/dieter/openldap/libexec/openldap
moduleload      accesslog.la
moduleload      syncprov.la

TLSCACertificateFile    /home/dieter/certs/avciCA.pem
TLSCertificateFile      /home/dieter/certs/magenta.pem
TLSCertificateKeyFile   /home/dieter/certs/magenta-key.pem
TLSCipherSuite  HIGH:TLSv1
TLSVerifyClient try
password-hash {CLEARTEXT}
include /home/dieter/openldap/etc/openldap/dkluenter.acl
sizelimit -1
authz-regexp uid=(.*),cn=.*,cn=auth
             ldap:///dc=dkluenter,dc=de??sub?uid=$1
authz-regexp
    gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth
    cn=config

database        config
rootdn          cn=config
rootpw          xxxxx

database        hdb
suffix          "ou=hamburg,dc=dkluenter,dc=de"
subordinate advertise
rootdn          "cn=admin,dc=dkluenter,dc=de"
directory       /home/dieter/openldap/var/hamburg-data  
checkpoint      4096    5
index           default pres,eq
index           objectclass eq
index           mail sub,eq
index           cn,sn sub,eq
index           entryCSN,entryUUID
cachesize       5000
idlcachesize    15000
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/hamburg
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE

syncrepl rid=42
        provider=ldap://rubin.avci.de
        sizelimit=unlimited
        bindmethod=simple
        binddn=cn=replicator,ou=Administrative,dc=dkluenter,dc=de
        credentials=xxxx
        searchbase="ou=hamburg,dc=dkluenter,dc=de"
        scope=sub
        type=refreshAndPersist
        retry="5 5 300 5"
        logbase="cn=log"
        logfilter=(&(objectClass=auditWriteObject)(reqResult=0))
        syncdata=accesslog
updateref ldap://rubin.avci.de

database        hdb
suffix          "ou=bremen,dc=dkluenter,dc=de"
subordinate advertise
rootdn  "cn=admin,dc=dkluenter,dc=de"
directory       /home/dieter/openldap/var/bremen-data
checkpoint      4096 5
cachesize       5000
idlcachesize    1500
index   objectclass eq
index   sn,cn,mail eq,sub
index   entryCSN,entryUUID eq
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/bremen
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE

syncrepl rid=99
        provider=ldap://rubin.avci.de
        sizelimit=unlimited
        bindmethod=simple
        binddn=cn=replicator,ou=Administrative,dc=dkluenter,dc=de
        credentials=xxxxx
        searchbase="ou=bremen,dc=dkluenter,dc=de"
        scope=sub
        type=refreshAndPersist
        retry="5 5 300 5"
        logbase="cn=log"
        logfilter=(&(objectClass=auditWriteObject)(reqResult=0))
        syncdata=accesslog
updateref ldap://rubin.avci.de

database        hdb
suffix          "dc=dkluenter,dc=de"
rootdn          "cn=admin,dc=dkluenter,dc=de"
rootpw          xxxxx

checkpoint      1024    5
cachesize       2000
idlcachesize    6000
directory       /home/dieter/openldap/var/hdk-data
checkpoint      4096 5
cachesize       5000
idlcachesize    1500
dbconfig set_cachesize 0 68157440 0
dbconfig set_lg_dir /home/dieter/openldap/var/log/hdk
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
        
index   objectClass     eq
index default pres,eq
index mail,telephoneNumber
index cn,sn,uid eq,sub
index entryUUID,entryCSN eq
overlay glue

database        monitor
# access to dn.subtree="cn=Monitor" by * read
# EOF


» dkluenter
« no title