1# provider slapd config -- for testing 2# $OpenLDAP$ 3## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4## 5## Copyright 1998-2021 The OpenLDAP Foundation. 6## All rights reserved. 7## 8## Redistribution and use in source and binary forms, with or without 9## modification, are permitted only as authorized by the OpenLDAP 10## Public License. 11## 12## A copy of this license is available in the file LICENSE in the 13## top-level directory of the distribution or, alternatively, at 14## <http://www.OpenLDAP.org/license.html>. 15 16include @SCHEMADIR@/core.schema 17include @SCHEMADIR@/cosine.schema 18include @SCHEMADIR@/inetorgperson.schema 19include @SCHEMADIR@/openldap.schema 20include @SCHEMADIR@/nis.schema 21pidfile @TESTDIR@/slapd.m.pid 22argsfile @TESTDIR@/slapd.m.args 23 24####################################################################### 25# database definitions 26####################################################################### 27 28#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays 29#mod#moduleload back_@BACKEND@.la 30#ldapmod#modulepath ../servers/slapd/back-ldap/ 31#ldapmod#moduleload back_ldap.la 32#rwmmod#modulepath ../servers/slapd/overlays/ 33#rwmmod#moduleload rwm.la 34#monitormod#modulepath ../servers/slapd/back-monitor/ 35#monitormod#moduleload back_monitor.la 36 37# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com" 38database @BACKEND@ 39suffix "dc=local,dc=com" 40rootdn "cn=Manager,dc=local,dc=com" 41rootpw "secret" 42#~null~#directory @TESTDIR@/db.2.a 43 44 45# Configure proxy 46# - normal user binds to "*,dc=example,dc=com" are proxied through to the remote slapd 47# - admin bind to local "cn=Manager,dc=local,dc=com" is overwritten by using idassert-bind 48database ldap 49uri "@URI1@" 50suffix "dc=idle-timeout,dc=example,dc=com" 51idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret" 52idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com" 53rebind-as-user yes 54monitoring on 55idle-timeout @TIMEOUT@ 56overlay rwm 57rwm-suffixmassage "dc=idle-timeout,dc=example,dc=com" "ou=People,dc=example,dc=com" 58 59database ldap 60uri "@URI1@" 61suffix "dc=conn-ttl,dc=example,dc=com" 62idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret" 63idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com" 64rebind-as-user yes 65monitoring on 66conn-ttl @TIMEOUT@ 67overlay rwm 68rwm-suffixmassage "dc=conn-ttl,dc=example,dc=com" "ou=People,dc=example,dc=com" 69 70database monitor 71 72