#######################################################################
# OpenLDAP slapd Configuration File.
# See slapd.conf(5) for details on configuration options.

# Database Schema
# Schema files are loaded in the order listed; keep core.schema first,
# since later files build on definitions from earlier ones.
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
# mail.schema / postLDAPadmin.schema are not part of the stock schema
# directory and must be added separately.
include /usr/local/etc/openldap/schema/mail.schema

# System File
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

# Allow LDAPv2 client connections. This is NOT the default.
# NOTE(review): LDAPv2 is a historic protocol; keep this enabled only
# while a legacy client still needs it, and remove it afterwards.
allow bind_v2

#######################################################################
# Load dynamic backend modules:
modulepath /usr/local/libexec/openldap
moduleload back_mdb
# moduleload back_ldap
moduleload back_monitor
# syncprov: load as needed (required by the "overlay syncprov" provider
# setup in the database section).
moduleload syncprov

#######################################################################
# syslog
# loglevel 0 disables OpenLDAP logging.
# Log output goes to syslog (local4.*).
# 256 = stats (connections, operations, results);
# 960 = 64 + 128 + 256 + 512 (config, ACL, stats, stats2).
# Stats-level logs contain bind DNs and search filters, so restrict who
# can read the syslog destination.
#loglevel 960
loglevel 256

#######################################################################
# Access Control List.
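# ACL clauses are evaluated in order; the first "access to <what>" that
# matches an entry/attribute decides, and within it the first matching
# "by <who>" wins.
#
# userPassword: owner may change it, anonymous may only use it to
# authenticate (bind), nobody else may read it.
# The rule was previously scoped to dn.subtree="ou=vmail,o=example", so
# userPassword values anywhere else fell through to the "by * read" rule
# below and were readable by every client, including anonymous ones.
# It now covers userPassword in every subtree.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Everything else: owner may write, everyone (including anonymous) may read.
# NOTE(review): "by self write" lets an entry modify all of its own
# attributes, including uidNumber/gidNumber/loginShell indexed below.
# If this directory backs POSIX accounts, confirm that is intended.
access to *
        by self write
        by * read

# NOTE(review): this file has no TLS directives, so simple binds send
# passwords in cleartext on the wire. Consider configuring
# TLSCACertificateFile / TLSCertificateFile / TLSCertificateKeyFile and a
# "security" minimum strength before exposing this server on a network.

#######################################################################
# MDB database definitions
#######################################################################
database        mdb
# Maximum size of the MDB environment in bytes (1 GiB).
maxsize         1073741824
# The suffix must contain the rootdn: slapd.conf(5) only permits rootpw
# when the rootdn lies within the database's naming context. The value
# was "o=example.net", which matched neither the rootdn nor the
# replication searchbase ("o=example").
suffix          "o=example"
rootdn          "cn=Manager,o=example"
# The rootdn bypasses all ACLs. "secret" is a cleartext sample value:
# replace it with a hash generated by slappasswd(8)
# (e.g. rootpw {SSHA}<slappasswd output>) and keep this file readable
# only by the account slapd runs as.
rootpw          secret
# The database directory MUST exist before slapd starts and should be
# accessible only to the slapd user (mode 700 recommended).
directory       /var/db/openldap-data

# Indices to maintain
index   objectClass                     eq,pres
index   ou,cn,mail,surname,givenname    eq,pres,sub
index   uidNumber,gidNumber,loginShell  eq,pres
index   uid,memberUid                   eq,pres,sub
index   nisMapName,nisMapEntry          eq,pres,sub

#######################################################################
# Replication ( Share )
index   entryCSN,entryUUID              eq

# Replication ( Provider )
overlay syncprov
syncprov-sessionlog 100
serverID 1

# Replication ( Consumer )
# NOTE(review): the templates below use bindmethod=simple over ldap://
# with the rootdn, which would send the rootdn password in cleartext and
# give the consumer unrestricted access to the provider. Before enabling
# them, use ldaps:// or add starttls=critical, and bind with a dedicated
# replication DN that has read-only access to the searchbase.
#syncrepl rid=001
#        provider=ldap://xxx.xxx.xxx.xxx
#        bindmethod=simple
#        binddn="cn=Manager,o=example"
#        credentials=secret
#        searchbase="o=example"
#        schemachecking=on
#        type=refreshAndPersist
#        retry="10 +"
#syncrepl rid=002
#        provider=ldap://xxx.xxx.xxx.yyy
#        bindmethod=simple
#        binddn="cn=Manager,o=example"
#        credentials=secret
#        searchbase="o=example"
#        schemachecking=on
#        type=refreshAndPersist
#        retry="10 +"
#mirrormode on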